High Security
The ShopSite® High Security logo may be displayed by ShopSite stores that meet stringent payment information handling guidelines designed to protect the shopper's credit card information.
The High Security logo (sample on right) is generated at the time the page is viewed, and will only display if the store is currently configured to protect the payment information in one of the following ways:
- The merchant collects and stores payment information securely
In order to qualify for the highest security logo, merchants who collect and process credit card payments must use SSL encryption (e.g. https://) on the shopping cart page where the information is entered, and the information must be stored using 1024-bit public/private key encryption. The merchant must also use SSL encryption to view or download payment information.
- The merchant uses a real-time payment processor
Merchants who use a real-time payment processor, such as PayFlow Pro or Authorize.Net, can qualify for the highest security logo if they collect payment information in the shopping cart on an SSL encrypted page, and transmit that information to the payment processor over an encrypted SSL connection (e.g. https://). If the merchant stores the payment information, it must be stored using 1024-bit public/private key encryption and only viewed or downloaded over an SSL encrypted connection.
- The merchant uses a third-party payment system
Merchants who use an authorized third-party payment system, such as PayPal or Amazon Pay, qualify for the highest security logo. These merchants never collect or store payment information because customers are sent to the third-party site to provide payment information.
- The merchant uses a mix of these methods
Merchants who offer multiple payment options, such as a third-party system as well as real-time credit card processing, must meet all the security requirements for each individual payment option.
