Sydney Heritage Fleet Security policy
In designing our Online Shop, the Sydney Heritage Fleet has taken great care to protect the security of information about you and your order, and particularly the security of your credit/debit card details.
Credit/Debit Card Security
For maximum credit card security, Sydney Heritage Fleet does not deal with your credit card details at all. We hand the entire credit card transaction process over to one of the world leaders in secure internet transactions, PayPal.
PayPal's security can be judged from the fact that the banks allow them to integrate into the bank network.
As you move through our Online Shop, you can choose items to buy, and add them to your shopping cart. When you have reviewed the items, entered your shipping details, and clicked the "Submit" button (but before giving any card details), two things happen:-
1. Your computer sends the order details to our computer.
2. Your computer drops the link to our computer and establishes a highly secure link direct to PayPal's computer (not via our computer). You will see the address change to PayPal's in the address bar on your browser, and the closed security padlock will appear. Your name, address, the dollar amount, the order number and your email address are then sent, highly encrypted, to PayPal's computer.
You then send your credit/debit card details directly to PayPal over the secure link, using very high levels of encryption.
Then several steps take place:-
(a) PayPal's computer checks via the highly secure inter-bank network (which carries all electronic bank transactions, such as when you use an ATM) that your credit/debit card details are correct and that you have sufficient credit/funds.
(b) PayPal's computer moves the payment electronically to the Sydney Heritage Fleet's bank using the inter-bank network.
(c) PayPal's computer sends receipt details and a receipt number securely encrypted back to your computer, so you know immediately that the order has gone through correctly.
(d) PayPal's computer sends a purchase confirmation to the Sydney Heritage Fleet's computer (without card information), which then automatically sends you an email with details of your order and the PayPal Reference Code and Approval Number (but no card information). In the highly unlikely event of something not being right, you have all the information needed to follow up the error.
Note that the credit/debit card information is never handled or seen by the Sydney Heritage Fleet or any of its computers.
This style of card transaction is considered to be more secure than face to face transactions (where card information can be "skimmed" or double swiped), more secure than phone transactions (where lines can be monitored, or unscrupulous operators can steal the card information), and more secure than mail transactions (which can be lost or stolen).
Handling your other data
The Sydney Heritage Fleet's server (the computer that connects our website to the internet) is hosted by Anchor Systems. They pride themselves on their security - "You can rest assured your website is secure when hosted with Anchor Systems. A company's reputation can be seriously damaged by a hacked website or breach in security. We're obsessive about security."
The database file that stores your order (remember, no card details) is in a well protected location (the "cgi-bin") outside the publicly accessible "webspace" on the server. Whenever you communicate information while shopping, you will see "cgi-bin" as part of the address in the address bar of your browser. See our Privacy Policy for details of what we do with that data.
Last modified on Friday, 19-Nov-2010 10:30:25 EST
