Security Policy
Security
As a Payment Service Provider, thousands of businesses outsource their
transaction security to us (Protx). It is our top priority to ensure that
transaction data is kept secure at all times.
Transaction security
All transaction information passed between merchant sites and the Protx
VSP Systems is encrypted using 128-bit SSL certificates. No cardholder
information is ever passed unencrypted and any messages sent to your
servers from Protx are signed using MD5 hashing to prevent tampering.
You can be completely secure in the knowledge that nothing you pass to
the Protx servers can be examined, used or modified by any third
parties attempting to gain access to sensitive information.
Encryption and Data Storage
Once on our systems, all sensitive data is secured using the same
internationally recognised 256-bit encryption standards used by, among
others, the US Government. The encryption keys are held on
state-of-the-art, tamper proof systems in the same family as those used
to secure VeriSign's Global Root certificate, making them all but
impossible to extract. The data we hold is extremely secure and we are
regularly audited by the banks and banking authorities to ensure it
remains so.
Links to banks
Protx has multiple private links into the banking network that are
completely separate from the Internet and which do not cross any
publicly accessible networks. Any cardholder information sent to the
banks and any authorisation message coming back is secure and cannot be
tampered with.
Employee access
No individuals within Protx are able to
decrypt transaction information or cardholder data. Our systems only
allow access to our most senior staff and only in extenuating
circumstances (such as investigations of Card Fraud by the Police).
Your transaction information and customer card information is secure
even form our own employees because our systems never display the full
card numbers, even on administration screens.
Privacy
We (Protx Limited) are committed to protecting your privacy. We recognise our responsibility to keep confidential at all times any information about you which we acquire in connection with your application. Protx is registered under the Data Protection Act and complies with their standards. Please note however that our responsibility is necessarily limited to protection by us of information which we obtain.
Collection of Information
To enable us to process your application we will typically acquire information which includes your name, your e-mail and business addresses, and other relevant business details.
Use and disclosure of Information
We use the information which you provide us to process your application. Protx will not disclose the information to third parties, or make any use of it, without your permission, unless we are required to do so by statute or by an authorised body in order to aid the investigation or prevention of crime.
Security
Protx is committed to protecting the security of your data. We use a variety of security technologies and procedures to help protect your personal information from unauthorised access, use or disclosure. For example, we store the personal information you provide in computer servers with limited access that are located in controlled facilities.
Cookies
Cookies are text files, used by your computer's browser, that store visitor session data. Cookies, by themselves, do not identify the individual user. Cookies are commonly used on the Internet and do not harm your system.
We currently use cookies on our VSP Admin reporting system. Protx never stores any personal information in cookies (on any computer that you may use) that can be used to identify you, such as your name or account numbers.
If you do not want us to use cookies you may be able to configure your browser not to accept them. Please refer to your browser's 'help' facility for further information.
