Security

Last updated: May 2026

CheckoutPay is built so businesses can collect and manage payments with confidence. This page summarises our security posture in plain language. It is not an exhaustive technical specification.

Our approach

We apply industry-recognised controls for a cloud payment platform: secure transport, access controls, monitoring, and responsible change management. Security is reviewed on an ongoing basis as threats and standards evolve.

Accounts and authentication

Business accounts are protected by sign-in credentials you control. Use a strong, unique password, enable any additional protections we offer, and restrict who on your team can access financial settings. Never share one-time codes or recovery links with anyone claiming to be support.

Payments and settlement

Payment experiences are designed to reduce exposure of sensitive data in browsers and apps. Settlement and safeguarding of funds are handled in line with applicable Nigerian regulatory requirements through our regulated partner arrangements (see our Privacy Policy for the role of MetroOven Innovations).

Your responsibilities

• Keep devices and browsers up to date.
• Verify you are on the genuine CheckoutPay site before signing in.
• Report suspected unauthorised access to your account immediately via official support channels.
• Train staff on phishing and social engineering.

Incident reporting

If you believe a vulnerability affects CheckoutPay, contact us through the official support route published on this website. Please provide enough detail for us to reproduce and investigate. Do not perform intrusive testing without written authorisation.

Changes

We may update this page to reflect material improvements or clarifications. The “Last updated” date will change when we do.