We use SagePay server as our payment solution.
The transaction takes place in an iframe on our site but is handled directly by Sagepay, we DO NOT store any of your payment details in our databases.
Your transaction is handled by a secure HTTPS POST from our web server to the Sage Pay’s servers, followed by a callback. It is arguably the most secure of Sage Pay’s integration, combining the security of HTTPS POST with other anti-fraud features, ensuring that no tampering has taken place during the transaction…
SagePay (formerly Protx) are the UK’s leading independant payment service provider .
Sage Pay’s systems are scanned quarterly by Trustwave which are an independent Qualified Security Assessor (QSA) and an Approved Scanning Vendor (ASV) for the payment card brands.
Sage pay is also audited annually under the Payment Card Industry Data Security Standards (PCI DSS) and is a fully approved Level 1 payment services provider, which is the highest level of compliance. SagePay are are also active members of the PCI Security Standards Council (SSC) that defines card industry global regulation.
Now that’s pretty secure but, if you’re still not convinced, think about this:
Every time you buy petrol or a meal or pay a bill with your credit card, somebody could copy down the number. Every time you give your card number over the phone, someone could be listening. Think how many people in the world know your card number? Hundreds probably! Why don’t they use that number to order loads of stuff by mail order? Because it would be easy to catch them by looking at the address on the packages and they’d go to jail! Here’s the really good bit, though. You wouldn’t have to pay, even if someone else did use your card fraudulently. So, in fact, a credit card is the safest way of ordering anything mail order, whether by phone, fax or on-line.