Trust & Compliance
Security is the product. Here is the evidence.
Coshine operates as a regulated payment infrastructure provider. We hold the certifications, run the audits, and publish the disclosures expected of one.
Documents and pages
Certifications
PCI DSS / PCI-3DS / PCI-PIN / ISO 27001 — issuer, level, validity.
Learn moreSub-processors
Who processes data on our behalf, where, and for what.
Learn moreVulnerability disclosure
How to report security issues to us — scope, SLA, PGP.
Learn moreTransparency report
Annual report on requests, incidents and uptime (in preparation).
Learn morePosture at a glance
- PCI DSS Level 1 — certified service provider
- PCI-3DS — for 3D Secure server / ACS
- PCI-PIN — for PIN handling
- ISO 27001 — information security management
- Tier-3 data centres with active-active deployment
- Annual third-party penetration testing
- 99.995% historical uptime