DistroKid uses bank-level SSL encryption (SHA-256 with RSA, TLS 1.2) to transmit credit card information. That credit card information is then securely sent directly from your browser, to our credit card processor -- your credit card numbers never actually touch our servers or our database.
Your entire session is SSL encrypted ("https").
In addition to your session being SSL encrypted, we also require that users verify the phone number they have within their account:
We have "2-factor authentication", too. That means that when you sign in from an unrecognized device for the first time (new computer, phone, etc.), we email a secret code to you. You'll need to type that code into DistroKid to prove that you're you.
This all helps protect your DistroKid account from any unauthorized access.