Security is of paramount importance to The Plum Guide. When you book, we will withdraw the full booking amount once the booking has been confirmed. We will not release this payment to the host until you have arrived at the accommodation.

Our payment system keeps your payment safe in the following ways.

  • Our secure payment system keeps your HTTPS payment protected.
  • We use a validated PCI DSS compliant service provider.
  • We never store raw magnetic stripe, card validation code (CAV2, CID, CVC2, CVV2), or PIN block data. 
  • Cardholder data is stored using one of the most advanced encryption methods available. We use multiple encryption keys which are stored on different physical servers. The data store where cardholder data is kept cannot be connected to via the internet.
  • We require all users to authenticate each time they use the application and inactive sessions time out after 15 minutes. Passwords are never stored directly in the database, but are salted and hashed using a slow hash function to increase security.