Secure fundraising platform

Fundraising security and transparency are top priorities at Classy from GoFundMe. Led by GoFundMe’s chief information security officer, our dedicated security team works to protect your organization, supporters, and data. Independent auditors have evaluated our systems, confirming compliance with the highest PCI DSS security standards. With a safe and trusted fundraising platform, you can focus on advancing your mission.

Technology infrastructure and data protection

Security compliances and measures

Security is ever-evolving, so are we.

PCI DSS Level 1 Compliance
AWS Virtual Private Cloud
24x7x365 Security Scanning and monitoring
Network Level Vulnerability Scanning
Consistent Review of Rules Flagging Suspicious Activity
IDS, IPS, WAF, and DDOS protection
Monthly and quarterly audit reviews

Secure computing

We build security into the foundation of all our products and services to ensure our platform is secure by design.

Role-based access control
Secure logging
Static and dynamic code analysis
OWASP Secure Coding Principles

Secure donor experiences

Our supporter experiences are secured with enterprise-level protection, promoting trust and safety among donors.

Intelligent fraud protection uses behavior-based models and machine learning to reduce fraudulent transactions before they happen, lowering chargeback fees
Suspicious activity is detected via intelligent fraud protection without the need for donor prompts, further streamlining the donation experience
Multi-factor authentication serves as the first line of defense against unauthorized access and helps protect sensitive customer and supporter data

Secure data management

Using tokenization, encryption, and key management, our platform never stores credit card information and always protects other sensitive data.

AES 256-bit encryption
TLS v1.2 protocol requirement