Loading…
Security isn't a feature you add later — it's how MileMarketplaceis built. Here's exactly how we protect every payment, password, and piece of data.
All traffic to and from the site runs over HTTPS/TLS. Your connection is encrypted end to end, so data can't be read or tampered with on the way.
Card details go straight to our PCI-DSS Level 1 payment processors over an encrypted connection. MileMarketplace never sees or stores your full card number — the highest standard in the payments industry.
Passwords are stored only as salted, one-way hashes — never in plain text and never visible to us. Even we can't read your password.
Data lives in a managed Postgres database with row-level security, so each account can only ever reach its own records. Access is enforced at the database layer, not just the app.
The app runs on Vercel's globally distributed, hardened platform with authentication and storage managed on Supabase — audited, enterprise-grade providers, kept patched for us.
Every order is risk-scored, and seller payouts are reviewed and released only after delivery is confirmed. Suspicious activity, chargebacks, and policy breaches can pause a payout or suspend an account while we investigate.
Whichever method you choose — card, PayPal, bank transfer, or stablecoin — your money is held against the order, and our team only earns its fee once your booking is delivered. If we can't deliver, you're refunded.
Card and PayPal payments are processed by providers certified to PCI-DSS Level 1, the strictest tier of the card-industry security standard. Sensitive payment data never touches our servers.
We welcome reports from security researchers. If you believe you've found a vulnerability, email support@milemarketplace.com with the details and steps to reproduce. Please give us a reasonable chance to fix it before any public disclosure, and don't access or modify other users' data while testing — we won't pursue good-faith research that respects those rules.