Debit / Credit Card Payment Security The confidentiality of your information is protected and secured using SSL encryption. Online payment pages are secured using the Secure Socket Layer (SSL) protocol with 128-bit data encryption. SSL encryption is a process of encrypting data to prevent unauthorized access during transmission. This enables secure transfer of information and prevents unauthorized access to data when communicating between the user’s computer and the payment service, and vice versa. Payment services and financial institutions exchange information using a virtual private network (VPN), which is protected from unauthorized access. The payment service used is certified according to the PCI DSS Level 1 security standard prescribed by Visa and MasterCard rules. Credit card numbers are not stored by the merchant and numbers are not available to unauthorized persons. The payment service is based on the 3-D Secure standard, which currently offers the safest credit and debit card payment solution in the Internet environment. If a customer card participates in a 3-D Secure program, the customer will be asked for additional identity verification to confirm that he or she is using the card.
The PayPal site works at a high level of security. We use industry-leading security technologies (such as SSL) to keep your information secure. PayPal automatically encrypts your sensitive information when transferring it from your computer to our site using an SSL protocol (Secure Sockets Layer) with a 128-bits key (the safest key commercially available). Before registering or logging into the PayPal site, our servers verify that you are using an approved Internet browser – that is, one of the browsers that uses a version of SSL protocol 3.0 or higher.
When your information reaches the PayPal site, they are on a server that is extremely secure, both physically and electronically. PayPal servers are located behind an electronic firewall and are not directly connected to the Internet, so your private information is only available to authorized computers.