Enterprise-grade security underpins the Conversational Cloud

LivePerson’s Conversational Cloud offers unmatched enterprise-grade security. Our applications, infrastructure, and policies have been vetted by advanced security teams at our Fortune 500 customers and reflect 20+ years of industry leadership in data and systems security.


Compliance and security certifications

We meet the most relevant international security and privacy standards.

SSAE 18 SOC2+HIPAA (formerly SAS70)

We conduct yearly data center audits and our reporting is compliant with the American Institute of Certified Public Accountants (AICPA).

PCI DSS 3.2.1

We handle payment data and secure transactions in compliance with Payment Card Industry Data Security Standards 3.2.1.


Our finance and security operations are compliant with all Sarbanes-Oxley requirements.

HIPAA via Business Associate Agreement (BAA)

LivePerson executes BAAs with HIPAA-covered entities to certify PHI protections.


LivePerson is HITRUST CSF® v9.3 certified to ensure robust security protection for our customers, including HIPAA-covered entities.

Request demo

Data security

We use the most current in-transit and at-rest encryption, along with optional AES and sensitive data masking. Our application security and customer controlled policies offer full visibility and logs to users and make it easy to customize user permissions and access.


Product and application security

LivePerson adheres to a comprehensive Secure Software Development Life Cycle that includes the following:

Design and planning
Design and planning

Our security team is actively involved in design for all major projects.

Static code analysis
Static code analysis

We conduct routine OWASP and automated scans in our systems.

Security scans and audits
Security scans and audits

We conduct regular vulnerability scanning and third-party assessments.

Training and awareness
Training and awareness

We issue third-party training in secure coding and ethical hacking for our R&D and QA teams.