Security is probably one of the most significant concerns for both the shopper and the retailer during an online transaction. In reality, an online transaction is probably more secure than a card transaction in a shop or conducted over the telephone or by fax, as the information transmitted online is strongly encrypted using complicated logarithm combinations.
The WorldPay payment system uses a combination of both established and innovative techniques to ensure the security and integrity of all sensitive data. Furthermore, our public web servers are certified by Thawte, a public Certificate Authority, ensuring that both the shopper and retailer can have confidence that nobody can impersonate WorldPay to obtain confidential information.
The transfer of the purchase details from the retailers site to WorldPay are encapsulated using our own encrypted and digitally-signed protocol. This uses a combination of standard methods such as PGP, RSA and MD5 to ensure that the information passed is secure and tamper-proof via SSL.
Security for the Shopper
Any communication between the shopper and WorldPay is also encrypted to the maximum strength supported by the shopper's browser using 128 Bit SSL. Shoppers are also protected from fraudulent use of their card in a "card not present" environment, by their card issuers. The card issuers provide the right for shopper to dispute a transaction if the goods/services did not arrive or if the card was used fraudulently.
Data storage on WorldPay systems, and the communication between WorldPay and the worldwide banking networks, is regularly audited by the banking authorities to ensure a secure transaction environment. We also ensure that we stay up-to-date with the latest versions of any third-party code we use, and continually review our own proprietary code.