The PayPal site is highly secure. We use industry-leading technology (such as SSL) to keep your information safe.
PayPal automatically encrypts your confidential information in transit from your computer to ours using the Secure Sockets Layer protocol (SSL) with an encryption key length of 128-bits (the highest level commercially available). Before you even register or log in to the PayPal site, our server checks that you're using an approved browser - one that uses SSL 3.0 or higher.
Once your information reaches the PayPal site, it resides on a server that is heavily guarded both physically and electronically. PayPal servers sit behind an electronic firewall and are not directly connected to the internet, so your private information is available only to authorized computers.
The WorldPay payment system uses a combination of both established and innovative techniques to ensure the security and integrity of all sensitive data. Furthermore, our public web servers are certified by Thawte, a public Certificate Authority, ensuring that both the shopper and retailer can have confidence that nobody can impersonate WorldPay to obtain confidential information.
The transfer of the purchase details from the retailers site to WorldPay are encapsulated using our own encrypted and digitally-signed protocol. This uses a combination of standard methods such as PGP, RSA and MD5 to ensure that the information passed is secure and tamper-proof via SSL.
Any communication between the shopper and WorldPay is also encrypted to the maximum strength supported by the shopper's browser using 128 Bit SSL. Shoppers are also protected from fraudulent use of their card in a "card not present" environment, by their card issuers. The card issuers provide the right for shopper to dispute a transaction if the goods/services did not arrive or if the card was used fraudulently.
Security is of paramount importance to Braintree. We focus on providing a secure environment that goes above and beyond industry security standards and guidelines.
Braintree is a validated Level 1 PCI DSS Compliant Service Provider. We never store raw magnetic stripe, card validation code (CAV2, CID, CVC2, CVV2), or PIN block data. Storage of this data is prohibited by the PCI DSS. All communication between merchants and us is conducted in a secure fashion using TLS (Transport Layer Security).