We hold the PCI DSS (Payment Card Industry Data Security Standard) certification, which is a global standard established by financial organizations to protect cardholder data and information relating to the protection of personal data. In accordance with the requirements of PCI DSS and payment organizations, all enterprises and operators who store, process or transmit cardholder data should meet stringent security standards.
Meeting the PCI DSS requirements means that the data processed at all points of acceptance, such as card details and PIN numbers, are encrypted, transmitted and stored in accordance with the appropriate procedures and standards. This minimizes the risk of fraud, both for the card holder and for the point of sale where payment is accepted.
At eService, data is transmitted with the TLS 256 bit certificate (TLS 1.2.), which provides the highest standard for secure communication.
The 3D-Secure technology, which we normally use when handling payments, helps us raise the level of security of online transactions. It involves verification of cards before they are used, during which card holders confirm their identity with a special password.
This system is the accepted standard for securing transactions through the identification of the card holder with an additional, usually single-use, password generated by a SECURITY TOKEN or received via SMS. To avoid snooping, this password is not used for transactions that require the physical presence of the card, so it is never identical with the PIN code.
A store which allows card holder identification via 3DS is protected against the effects of possible fraudulent transactions, regardless of whether the card used to make the payment is registered with 3DS or not.