Home PageSecurity policy

Security Policy

about-pashminaPayment protection
Security is probably one of the most significant concerns for both the consumer and the retailer during an on-line transaction. In reality an on-line transaction is probably more secure than a card transaction in a shop or conducted over the telephone or by fax.

Our secure payment system is powered by WorldPay, a wholly owned subsidiary of the Royal Bank of Scotland. WorldPay is the leader in secure, multi-currency Internet payment solutions, enabling over 15,000 businesses in 120 countries to sell to shoppers around the world.

Security statement
Information transmitted on-line is encrypted using complicated logarithm combinations, unlike other methods that use standard medium coding. The WorldPay Select payment gateway uses a combination of both established and innovative techniques to ensure the security and integrity of all sensitive data, protecting both the retailers and their shoppers.

All communication between the shopper and WorldPay is encrypted to the maximum strength supported by the shopper’s browser using TLS or SSL (security). WorldPay’s public web servers are certified by Thawte, a public Certificate Authority, ensuring that shoppers and retailers alike can have confidence that nobody can impersonate WorldPay to obtain confidential information.

All communication between the shopper and WorldPay, including the details of the purchase, are encapsulated using WorldPay’s own encrypted and digitally-signed protocol; this uses a combination of standard methods such as PGP, RSA and MD5 to ensure that the information passed is secure and tamper-proof.

Data storage on WorldPay systems, and the communication between WorldPay and the worldwide banking networks, is regularly audited by the banks themselves. WorldPay ensures that they stay up-to-date with the latest versions of any third-party code that they use, and continually review their own proprietary code, using current best practice at all times.

The cardholder is further protected

Card issuers protect cardholders from fraudulent use of their card in a “card not present” environment, such as over the Internet or telephone. As the shopper did not sign for the goods they have the absolute right to demand a chargeback if those goods did not arrive or the card was used fraudulently.