OneLogin Compliance Commitment

As a security-first company, data and privacy protection are our #1 priority.

PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit cards.

What’s the primary purpose of this initiative?

The PCI Data Security Standards help protect the safety of cardholder data. They set the operational and technical requirements for organizations accepting or processing payment transactions, and for software developers and manufacturers of applications and devices used in those transactions.

What’s the scope?

OneLogin is a PCI Level 4 Merchant and has completed the Payment Card Industry Data Security Standard’s SAQ-A. We use a third party to process credit card information securely.

How often are you evaluated/audited?

An audit is performed annually by a QSA. You can request the PCI documentation here.

Who is the primary audience?

Customers and relevant third parties with a business need.

Responsible Disclosures

We take security seriously at OneLogin. As part of our ongoing commitment to provide a best-in-class cloud service, we leverage independent third parties to help us strengthen our security. If you think you have discovered a security vulnerability, we appreciate your help in disclosing it to us in a responsible manner.

Report a vulnerability or view our Security Hall of Fame

Are you a Security Researcher?

We are always looking for talented individuals with security experience.