Contact Us | Help | Text only version | Return to normal viewPrint view | Site Map
Electronic Payments Electronic Payments Electronic Payments
Sponsors
PSP Signup
Valid XHTML 1.0 Transitional
Home > Electronic Payments Costs > Online payment security

Online payment security

Summary
Protect card details over the Internet, and make your customers feel secure.
Although it is perceived otherwise, transactions over the Internet are in fact safer than offline transactions.
Three commonly used security measures are SSL, SET and PKI technology.

Protecting card details is the primary security risk with electronic transactions. Customers are very comfortable using cards in shops and over the phone despite the ever-present risk of details being copied or stolen. With payments over the Internet, there is more resistance towards disclosing card information.

While it is generally perceived that conducting credit/debit card transactions over the Internet is prone to insecurity and fraud, offline transactions like landline based telephone calls, can be less secure. According to Forrester research, for every £1000 of transactions a company could lose £1 over the Internet compared to £25 offline as a result of fraud.

Perception can get in the way of fact. Both software and hardware companies have invested a great deal to further protect online data and build up customer confidence. Be aware of the security issue and help customers to feel at ease by telling them about the precautions you have taken. In the current Internet climate it is vitally important that you are not only secure but are seen to be secure.

Three of the best known options for the encryption and security of personal and card details are explained below. Almost every payment solution mentioned in this online payments tool includes this technology as standard. Online retailers will not need extra security measures if they use these market-tested and well-established products.

Secure Socket Layer (SSL)

SSL allows traffic to be scrambled (or encrypted). The standard SSL developed by Netscape provides a high level of protection. The US government views encryption technology as munitions, so the only version of SSL available worldwide is the relatively weak 40-bit version. However, this version can protect against any casual attempt to decipher card details, as it takes over an hour to crack one message.

Browsers that support this feature a dialogue box, a padlock in the bottom task bar, or a blue key (like Netscape Navigator) to indicate that a secure session is in progress.

Secure Electronic Transaction (SET)

SET encrypts payment card transaction data and verifies that both parties in the transaction are genuine. SET, originally developed by Mastercard and Visa in collaboration with leading technology providers, has a large corporate backing and is perceived to be more secure as a result of its validation from card companies.

Public Key Software Infrastructure (PKI)

PKI is similar to a bank’s night safe in that many public keys can be used to deposit items into the safe, but only one private key, belonging to the bank can make withdrawals.

With these systems in place you will be able to demonstrate your concern for customer security.

Online Payment Risk Assessment < Previous Page | Next Page > Electronic Payment Application Criteria

 HSBC Bank Secure ePayments
PayPal Merchant Services
PPPay.com
PayPoint.net Complete Solutions
Allopass
Protx
Moneybookers LTD
DataCash
NetBanx Bureau
ePDQ
BT Buynet
Splash plastic card
Nochex
Bucks.Net Services Ltd
WorldPay-Bank Direct
SecureTrading Ltd
Wirecard AG
NetPayments
Total Web Solutions
WorldPay-World Direct
eKashu
PayPoint.net payment Gateway
NetBanx Direct
Secure Hosting Ltd
CI-CARD
ChronoPay PSP
Ymogen
ChronoPay Bureau