Digital Signatures
Our merchant banker is Barclays Merchant Services in the UK, and the payment acquirers
are Secure Trading UK. Both follow strict security guidelines.
- Digital Signatures: Digital signatures are used throughout the system in order to ensure that transactions
arriving at a gateway are from an identifiable merchant, and that any information
passed back to the merchant is from a SECURETRADING gateway. Each signature uniquely
identifies its source. Gateways also communicate with each other and with the control
system using such digital signatures. In the event that a merchant's digital signature
becomes a security risk (e.g. if their server is stolen), the appropriate signature
will be immediately revoked and will no longer function within the system.
SECURETRADING is the official Certification Authority (root
CA) for these signatures.
- Encryption: All communication within the system is strongly encrypted using
2048-bit RSA encryption with variable 168-bit session keys (i.e. each transaction
uses a new key). This is significantly (many billions of times) more secure than
standard browser SSL security provided by, e.g. Internet Explorer. SECURETRADING
encryption is also much more secure than that specified for the SET (Secure Electronic
Transaction) protocol. The high level of encryption used is forecast as not being
a requirement until the year 2015. The encryption is of course totally transparent
to the merchant and his/her customers.