Pricing

Free during the validation experiment.

We're pre-launch. The free scanner is the whole product right now — and it's free for as long as we're figuring out what merchants actually want to pay for.

Right now

Free

$0 forever, on the validation tier

Free scan of any checkout page on demand.
Audit-ready PDF report mapped to PCI 6.4.3 / 11.6.1.
Plain-English remediation list.
Score (0–100) with explainable component breakdown.
Articles, landing pages, and reference material at /articles.

Run a free scan →

Coming soon

Pro

Pricing TBD — somewhere in the $29–$99/mo range based on what merchants tell us.

Continuous monitoring. Automatic weekly scans of your checkout. Alert when something changes.
CSP report ingestion. Wire your report-to endpoint to us; see violations as they happen.
QSA-ready evidence pack. Quarterly export of inventory + integrity proofs + change history, ready to hand to your assessor.
Multi-store support. One dashboard, many checkouts.
WordPress + Shopify apps. Direct integration into your store admin.

Email us when you want to be notified:

hello@checkoutproof.com

We read every reply. Tell us what you'd actually pay for and what doesn't matter to you.

Why we're not charging yet

The product needs to be useful before it's worth charging for. We're running a 30-day validation experiment to figure out which merchants actually want this enough to pay. If you're one of them, the email above is the fastest way to shape what we build next.

For context on the architectural decisions and what we deliberately won't sell: see our CosmicSting deep-dive for the technical depth, and our DPA for the no-cardholder-data commitment.

Frequently asked

Will the free tier go away when paid launches?: No. The free public scanner stays free. The paid tier adds continuous monitoring, evidence export, and platform integrations — things a one-shot scan can't do.
Is the free scan rate-limited?: Yes — 5 scans per hour per IP, hard. Enough for a normal merchant checking a few stores; not enough for a competitor to vacuum our methodology.
Are you really not selling our data?: Really not. We don't have data worth selling — we don't store card data by architecture, and we don't track you across the web. See our privacy policy for the specifics.
How do I know you'll still be around when I'm at audit time?: You don't, and you shouldn't. Bootstrapped solo founders are higher-risk than VC-backed competitors on this dimension. The mitigation: the free scan exports a one-page PDF you can save locally; if we vanish, your evidence file doesn't.