Credit Card Security PDF Print E-mail

Transaction on EPCOhardware.com are secure.


Secure Sockets Layer. Cryptographic protocols which provide secure communications on the Internet. SSL provides security for data sent to and from a web site.

Technically speaking, SSL (Secure Sockets Layer) is the accepted protocol used to protect data that is sent between a web site and a web browser. An encrypted SSL connection requires that all data passed between the browser and the web site server be encrypted by the sender and decrypted by the receiver. SSL can prevent unauthorized parties from gaining access to sensitive, confidential, or personal information such as a phone numbers or addresses. Why is SSL useful? Secure connections become very important when you're gathering information from your site's visitors through a web form. By placing the form in a secure directory, the form data will be encrypted when the user submits the form, thus protecting the data and your visitor's personal information SSL also provides peace of mind to web site visitors. When an SSL-enabled connection is established in a web browser, the user will see a lock icon in his browser, indicating that any data transferred between the web site and the browser is secure. Most web users demand this protection when shopping online or submitting sensitive data in a form.

Web Hosting and Merchant Solutions customers can set up SSL on their web sites using industry-standard 128-bit encryption.


Authorize.Net is a payment gateway service that allows EPCOhardware.com to accept credit card  payments through our Web site and over an IP (Internet Protocol) connection. Authorize.Net is the Internet's largest payment gateway service provider.

A payment gateway is an e-commerce application service provider that authorizes payments for web retailers like Closetbay.com. Payment gateways protect credit card details by encrypting sensitive information, such as credit card numbers, to ensure that information is passed securely between the customer and the merchant and also between merchant and the payment processor.

A payment gateway facilitates the transfer of information between a payment portal (such as a website, mobile phone or IVR service) and the Front End Processor or acquiring bank. When a customer orders a product from a payment gateway-enabled merchant, the payment gateway performs a variety of tasks to process the transaction.

  1. A customer places order on website by pressing the 'Submit Order' or equivalent button, or perhaps enters their card details using an automatic phone answering service.
  2. If the order is via a website, the customer's web browser encrypts the information to be sent between the browser and the merchant's webserver. In between other methods, this may be done via SSL (Secure Socket Layer) encryption. The merchant then forwards the transaction details to their payment gateway. This is another (SSL) encrypted connection to the payment server hosted by the payment gateway.
    1. The payment gateway may allow transaction data to be sent directly from the customer's browser to the gateway, bypassing the merchant's systems. This reduces the merchant's PCI-DSS compliance obligations without redirecting the customer away from the website.
  3. The payment gateway forwards the transaction information to the payment processor used by the merchant's acquiring bank.
  4. The payment processor forwards the transaction information to the card association (e.g., Visa/MasterCard) The credit card issuing bank receives the authorization request and does fraud and credit or debit checks and then sends a response back to the processor (via the same process as the request for authorization) with a response code [eg: approved, denied]. In addition to communicating the fate of the authorization request, the response code is used to define the reason why the transaction failed (such as insufficient funds, or bank link not available). Meanwhile, the credit card issuer holds an authorization associated with that merchant and consumer for the approved amount. This can impact the consumer's ability to further spend (eg: because it reduces the line of credit available or because it puts a hold on a portion of the funds in a debit account).
    1. If an American Express or Discover Card was used, then the processor acts as the issuing bank and directly provides a response of approved or declined to the payment gateway.
    2. Otherwise [eg: a Mastercard or Visa card was used], the card association routes the transaction to the correct card issuing bank.
  5. The processor forwards the authorization response to the payment gateway.
  6. The payment gateway receives the response, and forwards it on to the website (or whatever interface was used to process the payment) where it is interpreted as a relevant response then relayed back to the merchant and cardholder. This is known as the Authorization or "Auth"
  7. The entire process typically takes 2–3 seconds.[4]
  8. The merchant then fulfills the order and the above process is repeated but this time to "Clear" the authorization by consummating the transaction. Typically the "Clear" is initiated only after the merchant has fulfilled the transaction (eg: shipped the order). This results in the issuing bank 'clearing' the 'auth' (ie: moves auth-hold to a debit) and prepares them to settle with the merchant acquiring bank.
  9. The merchant submits all their approved authorizations, in a "batch" (eg: end of day), to their acquiring bank for settlement via its processor.
  10. The acquiring bank makes the batch settlement request of the credit card issuer.
  11. The credit card issuer makes a settlement payment to the acquiring bank (eg: the next day)
  12. The acquiring bank subsequently deposits the total of the approved funds into the merchant's nominated account (eg: the day after). This could be an account with the acquiring bank if the merchant does their banking with the same bank, or an account with another bank.
  13. The entire process from authorization to settlement to funding typically takes 3 days.
Last Updated on Monday, 17 February 2014 09:38

buy now3