All of our credit/debit card purchases are processed by
Worldpay.
For millions of people around the world, WorldPay is the
way to pay - trusted and secure.
An important part of The Royal Bank of Scotland Group, the 5th biggest
banking group in the world, WorldPay payment solutions are
trusted by thousands of businesses, big and small.
Security Overview
Security is probably one of the most significant concerns for the shopper
during an online transaction. In reality, an online transaction is probably
more secure than a card transaction in a shop or conducted over the
telephone or by fax, as the information transmitted online is strongly
encrypted using complicated logarithm combinations.
The WorldPay payment system uses a combination of both established and
innovative techniques to ensure the security and integrity of all sensitive
data. Furthermore, Worldpay public web servers are certified by Thawte, a
public Certificate Authority, ensuring that the shopper can have confidence
that nobody can impersonate WorldPay to obtain confidential information.
Transaction Encryption
The transfer of the purchase details from our site to Worldpay is
encapsulated using Worldpay’s own encrypted and digitally-signed protocol.
This uses a combination of standard methods such as PGP, RSA and MD5 to
ensure that the information passed is secure and tamper-proof via SSL.
Security for the Shopper
Any communication between the shopper and WorldPay is also encrypted to the
maximum strength supported by the shopper's browser using 128 Bit SSL.
Shoppers are also protected from fraudulent use of their card in a "card not
present" environment, by their card issuers. The card issuers provide the
right for shopper to dispute a transaction if the goods/services did not
arrive or if the card was used fraudulently.
Data Storage
Data storage on WorldPay systems, and the communication between WorldPay and
the worldwide banking networks, is regularly audited by the banking
authorities to ensure a secure transaction environment. Worldpay also ensure
that they stay up-to-date with the latest versions of any third-party code
they use, and continually review their own proprietary code.