Margaret River Wine Online take the protection of client credit card and personal details very seriously, below are the measures we take.
Geotrust True BusinessID with Extended Validation (EV) SSL
Flying Fish Cove has obtained the highest level of authentication ssl certificate, it is the same level of security you will find at online banking and financial institutions.
This EV SSL gives you total peace of mind when submitting private data and credit card information.
The EV SSL helps shield our customers by making sure that no one can intercept and misuse their credit card information.
EV SSL Features:
~ Security: business identity authentication, strong 256-bit encryption, 2048-bit root
~ Assurance: $500K USD warranty, GeoTrust dynamic True Site Seal trustmark
~ Universality: support for more than 99% of browsers and most mobile device browsers
With an EV SSL, the browser address bar will turn green. This shows that our website – margaretriverwineonline.com.au has been verified as authentic.
Margaret River Wineonline website is hosted on a PCI Compliant (to level 4) server. See PCI Security Standard Council website for more information.
Ongoing network scans, a requirement of PCI DSS, are performed by McAfee Secure.
See below for more information.
Margaret River Wine Online use Securepay as the payment processing gateway.
SecurePay's Payment Gateway provides merchants with the ability to process credit card and direct entry payments in a secure environment. SecurePay partners with the following major banks and financial institutions in the provision of the SecurePay Payment Gateway:
~ American Express
~ Commonwealth Bank
~ Diners Club
~ National Australia Bank
~ St George (including Bank of SA
~ Westpac (including Challenge Bank and Bank of Melbourne)
Direct entry payments are not processed in real time; they are stored in SecurePay's database and processed daily at 4.30pm EST.
Secure XML supports four payment transaction types:
~ Preauthorise Complete
Secure XML utilises a XML request and response messages, and can be run on any platform and in any programming language. The message transport is done via HTTP protocol using SSL.
Authentication, Communication & Encryption
To ensure security, each merchant is issued with password. This password requires authentication before a request can be processed. This makes sure that unauthorised users will be unable to use the interface.
The Secure XML interface uses HTTP protocol and SSL for communication with SecurePay's Payment servers.
Merchants using Secure XML will automatically use SecurePay's security certificate to encrypt requests and decrypt responses from SecurePay.
PCI DSS Compliance
With over 20,000 clients it is understandable that SecurePay is focused on meeting security standards that are industry leading.
The focus of our security is centred around the safe processing and storage of sensitive personal Credit Card, Charge Card and Direct Entry information. PCI DSS (Payment Card Industry Data Security Standard) Compliance is a strict security standard the card schemes (Visa and MasterCard) have introduced globally to ensure personal information is properly protected. SecurePay holds the highest level of PCI DSS accreditation.
SecurePay's Operations Network is audited on an ongoing basis by external auditors, namely Vectra Corporation, for the purpose of certifying compliance with PCI DSS.
Ongoing network scans, a requirement of PCI DSS, are completely regularly and are performed by McAfee Secure.
The services that SecurePay is authorised to provide under PCI DSS include:
~ Clearing / Settlement Services
~ IPSP (e-Commerce)
~ Payment Gateway
~ Processing MOTO Transactions
~ 3D Secure Access Control Server