SPARROW uses multiple layers of security, multiple subnets and multiple key pairs to protect customer and affiliate data. Our information systems are Payment Card Industry Data Security Standard (PCI DSS) Level 1 compliant.
In addition to perimeter zone protection, SPARROW employs internal components, both physical and logical, to thwart nefarious activity. Communications are always performed over Virtual Private Networks (VPN) and/or SSL and TLS connections. All payment information is encrypted prior to transit and is always stored in a Demilitarized Zone (DMZ) network that includes a separate autonomous firewall, database encryption and intrusion detection systems.