|All credit and debit card payments are processed
using SecureTradings e-payment network, which uses digital
signatures and strong encryption to ensure that all sensitive
information is protected throughout the payment process.
A digital signature is a method of positively identifying the sender
of a message sent in digital form. Just like a signature on a written
document, it proves that the message is authentic (but unlike a
written signature, it cannot be forged by someone else). A valid
digital signature also confirms that the message has not been altered
in any way on its journey between the sender and receiver.
SecureTrading use digital signatures throughout their system to
ensure that any transaction arriving at a payment gateway has come
from a merchant that they can identify, and that any information
passed back to the merchant is from a SecureTrading payment gateway.
Digital signatures are also used for communications within the SecureTrading
payment system. In the event that a merchant's digital signature
becomes a security risk (for example, if their server is stolen),
the appropriate signature will be immediately revoked and will no
longer function within the SecureTrading system.
SecureTrading is the approved Certification Authority (root CA)
for these signatures.
Encryption is vital when sensitive information is sent across a
publicly-accessible network like the internet. Many web browsers,
including Internet Explorer and Netscape, can use SSL encryption,
which encrypts data with a key of up to 128-bits. This level of
encryption is used by the SecureTrading secure servers which host
the payment pages for merchants, and it greatly enhances the integrity
of the payment process.
All of the servers and gateways that make up the SecureTrading
payment network, and all e-commerce systems using our services,
communicate using an even higher level of encryption: namely, 2048-bit
RSA encryption with variable 168-bit session keys. This is many
billions of times more secure than standard web browser security,
and is also much higher than all currently proposed new standards
for encryption in e-commerce.