DistroKid uses bank-level SSL encryption (SHA-256 with RSA, TLS 1.2) to transmit credit card information. That credit card information is then securely sent directly from your browser, to our credit card processor -- your credit card numbers never actually touch our servers or our database.
Your entire session is SSL encrypted ("https").
We have "2-factor authentication", too. That means that when you sign in from an unrecognized device for the first time (new computer, phone, etc.), we email a secret code to you. You'll need to type that code into DistroKid to prove that you're you.
This all helps protect your DistroKid account from any unauthorized access.