Looking for gift cards in another region?

We have regional sites for our European and Canadian customers.

SECURITY

Your program data is safe with NGC - PCI DSS, HIPAA and GDPR compliant.

Information Security, Compliance, & Privacy

NGC operates the largest gift card technology and fulfillment facility in North America – its secure 92,000 sq. ft. headquarters where it activates and fulfills physical, digital, and mobile gift cards for over 500 merchant brands and 2,000+ clients in the consumer, loyalty, rewards, and incentive markets across US and Canada.

Compliance

NGC’s compliance scorecard includes:

  • PCI DSS
  • SOC2 certified Tier IV datacenter
  • 3rd Party Cybersecurity audits
  • HIPAA 
  • GDPR  
  • ISO-9001

Security & Privacy

NGC’s security and privacy best practices include the following and more:

  • Build and Maintain a Secure Network – Network segmentation, intrusion detection system, firewalls
  • Protect Customer Data – Limit customer data storage and retention, one-way salted hash passwords with multiple iterations of key derivation, browser CSP, strong cryptography, encrypt data in transit and at rest, key protection, proper key management
  • Maintain a Vulnerability Management Program – End point detection and response, secure SDLC, change control processes, vulnerability patching program, security.txt
  • Implement Strong Access Control Measures – Principle of least privelege, Multi Factor Authentication for device and remote access, 24x7 facility entry controls and surveillance monitoring
  • Regularly Monitor and Test Networks – Monitor privileged access, audit trails and logging, internal and external vulnerability scans quarterly, and penetration tests
  • Maintain an Information Security Policy – Including annual process for policy review and formally assessing risks once a year
  • Incident Response – Plan, policy and annual tabletop practice
  • Staff Security – Background checks
  • Training – Formal security awareness program
  • Business Continuity/Disaster Recovery Planning – Business impact analysis and annual tabletop exercise
  • Privacy Program – Training employees about rights and obligations regarding collection, use, disclosure, and disposal of personal information

In providing the gift card technology, sourcing, and fulfillment services for some of the world’s largest organizations across the financial, insurance, healthcare, mobile, and merchant industries, NGC works closely with its clients’ compliance, security, and risk assessment teams to maintain the highest standards in privacy and data security for its gift card solutions.


Contact us today and ask about the gift card solution that’s right for you.

Contact Us
NGC

NGC Social