Security Practices

Wondering how safe Tilt is to use?

Leading companies like ESPN and Microsoft have trusted us to power commerce for their business. We've also helped local governments and major research universities realize their visions for the future. And every day, groups of all sizes are making amazing things happen on Tilt.

Here are some of the security measures we've put in place to protect your information on Tilt.

Our encryption game is strong.

All of our sites use SSL encryption with Forward Secrecy enabled for clients and browsers that support it to protect your information in transit. We regularly monitor our SSL implementation for security vulnerabilities and patches. We constantly think of ways to improve our SSL stack by evaluating our certificates, certificate authorities, and supported cipher suites.

All sensitive customer data is encrypted and secured on servers that cannot be directly accessed from the internet.

We love PCI in a nerdy way.

The PCI Security Standards Council develops and enforces strict payment card data security standards. Tilt maintains PCI compliance to protect your cardholder data.

On mobile? We’ve got you covered.

Our mobile applications use certificate pinning to secure customer data against man-in-the-middle attacks.

Our security team is at the ready.

If you encounter any issues while using Tilt, please contact us at security@tilt.com. We investigate and respond to all reported security issues as quickly as possible. For the protection of our users, we ask that you not publicly disclose any suspected security issue until we have addressed it.