Rainbow Rewards Merchant Website

Click Here to visit the consumer website
Rainbow Rewards Logo Denver Cityscape at Sunset Denver Cityscape at Sunset

How it Works
Advertising
Loyalty Program
The Database
Marketing Reports
ROI Case Study

View Testimonials

View Advertising

Participating Merchants Login

Signup as a Merchant

Contact Us

Security

Rainbow Rewards is built on integrity, both as a company value and as a data management policy. It begins with our privacy policy, includes our good standing with the Better Business Bureau, and extends to the technology and procedures we use throughout our operations.

Data Transmission

Whenever you are viewing confidential information in your browser, data is being transmitted from our servers to your computer. For all such data communication, we use a 128-bit encryption protocol called SSL (Secure Socket Layer) that is specifically designed to prevent the data from being intercepted and hacked. The use of this protocol is evident when the "http" prefix in your browser's address bar changes to "https" - for example, when you log in to your account.

Our site has been approved by VeriSign, the global leader in Internet security, as a secure web site. Wherever you see the VeriSign seal, you may click on it for information about our use of the SSL protocol and our identity.

User Authentication

Rainbow Rewards authenticates users through the use of usernames and passwords. To the extent you are careful to keep this information confidential, it is a secure means of providing account information, rewards and special offers only to authorized users.

Card Numbers

Rainbow Rewards uses an industry-standard encryption technology called MD5 (Message Digest 5) to protect card numbers. Using a sophisticated algorithm, MD5 scrambles the card number into a hash or a meaningless sequence of characters. It is a one-way hash in the sense that it cannot be reverse-engineered to determine the original card number.

As a result, only the last four digits of a card number are displayed so that you know which cards are registered with Rainbow Rewards. In fact, we do not even store the full card number on our system - only the hash.

Intrusion Prevention

We use multiple firewalls and other intrusion prevention technologies to protect our systems and data resources. Our networks are regularly scanned by Coalfire Systems, certified by the PCI Security Standards Council as an Approved Scanning Vendor, and reviewed for any potential vulnerabilities. Software upgrades and patches are applied diligently to keep our systems secure.

Credible Partners

In order to maintain a high level of security through the transaction collection and validation phase, Rainbow Rewards has partnered with Golden Retriever Systems, the leader in loyalty transaction processing. GRS is a wholly-owned subsidiary of TSYS (NYSE:TSS), the preeminent supplier of acquiring solutions, related systems and integrated support services to the acquiring industry and its customers.

Rainbow Rewards has also partnered with First Data Commercial Services, which represents nearly 5 million merchants worldwide. FDCS is a business unit of First Data Corporation (NYSE:FDC), the world's largest provider of payment processing services to financial institutions, businesses and governments.

Both GRS and FDC are compliant with the Payment Card Industry Data Security Standard (PCI DSS), which means they meet the rigorous data processing and security requirements set forth by the Visa CISP and MasterCard SDP programs. To maintain PCI compliance, annual audits are performed by Coalfire Systems, certified as a Qualified Security Assessor.

Security Precautions Worth Noting

Rainbow Rewards will never ask for your full 16-digit card number, and you should never send us your full card number. If we require a receipt or statement as proof of purchase, you should send it to us using our secure fax number and ensure that the full card number is not on the receipt or statement before faxing.

In very rare cases, a Rainbow Rewards employee may call to speak with you directly. The caller will identify themselves as an employee of Rainbow Rewards and you should feel free to ask to call back. To get the number, call information, look us up in a directory or visit our website - each provides a degree of confidence the caller is not masquerading as an employee of Rainbow Rewards.

Last revised: October 3, 2007.


Privacy Policy | Security Policy

Rainbow Rewards Corporate HQ
999 18th Street, Suite 2250
Denver, CO 80202
Phone: 303-323-8700
Fax: 303-339-4695
Toll Free: 866-277-0254
US patent pending
design and programming by web programmer