Collect subscriptions and recurring fees
Collect variable and ad-hoc payments
Ideal for subscriptions and invoices
Ideal for one-off payments
Collect from 30+ countries
Reduce payment failures
Stop payment fraud
Build a custom integration
Connect to 200+ partner apps
Instant Bank Pay for recurring payments
Get help using GoCardless
Common questions answered
Guide for integrators
Paid with GoCardless? Read our FAQ for customers
As you may have seen in the news, several new vulnerabilities were reported against Log4J (CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105). Log4J is a Java-based logging utility that is used for software development. We advise merchants using the gocardless-pro-java API client to use SLF4J. The authors of SLF4J have now confirmed that the library is not vulnerable. You can find more information about this here (https://www.slf4j.org/log4shell.html )
Log4J is a popular library and, like most organisations, we do have references to Log4J across our estate. It is also used by some of our approved vendors and we have applied their patches or mitigations. We have mitigated the risk in our own applications by removing the relevant functionality where applicable and have confirmed no other internal applications are affected. Our investigations have found no evidence of successful exploitation of these vulnerabilities.
Help & resources
About GoCardless
Contact us
Sales Contact sales +44 20 4579 7398
Support Request support +44 20 8338 9540
Seen 'GoCardless LTD' on your bank statement? Learn more
GoCardless (company registration number 07495895) is authorised by the Financial Conduct Authority under the Payment Services Regulations 2017, registration number 597190, for the provision of payment services.
GoCardless SAS, an affiliate of GoCardless Ltd (company registration number 834 422 180, R.C.S. PARIS), is authorised by the ACPR (French Prudential Supervision and Resolution Authority), Bank Code (CIB) 17118, for the provision of payment services.