We take the importance of security in electronic transactions very seriously. We have taken all the necessary measures to ensure the payment services are delivered with the highest security.
1. Viva Payments
In today's environment, transaction security is vital for all businesses and organizations. Viva as a payment institution, adheres to the PCI Data Security Standard (PCI DSS) so as to:
- Protect the privacy of its customers
- Enhance customer confidence through a higher level of data security
- Protect its customers from financial loss and 'redress' costs
- Maintain confidence and protect the reputation of the customer's name
Viva is PCI-DSS certified and implements the prerequisite security policies which are constantly evaluated by a certified security auditor.
Energyled & Viva do not store customer card data on their systems. The data is encrypted and transmitted to the international organizations. Personal and confidential data is stored only in encrypted form on the Viva servers, which do not have direct connection to the Internet.
Ensuring Data Transfer Security of Energyled
To ensure data transfer security the encryption protocol EV SSL-128bit is used. The system is implemented in cooperation with the company Thawte, which specializes in security transactions.
Access to the systems of Viva is controlled by firewalls, which allow the use of specific services to customers/visitors while prohibiting access to Viva systems and databases which use and store sensitive data. To ensure maximum data protection, as required by PCI-DSS, Viva uses the latest technology for tracking malicious attacks (Intrusion Detection and Denial of Service Protection Systems). In terms of physical access, Viva hosts the entire infrastructure at Rackspace (Level 1 Certified Services Provider), a UK based certified PCI-DSS data center. The data center has 24x7 security and only authorized employees have access to the data halls. Security engineers from Obrela Security Industries provide 24 hour surveillance of the hosting facilities and of external threats from the internet. All necessary security patches are applied to prevent potential threats. All systems have followed a rigorous process of hardening in accordance with the requirements of the PCI-DSS.
From the beginning to the conclusion of your on-line session, all information and personal data is encrypted using 128-bit Secure Socket Layer (SSL) encryption. Encryption is basically a way of encoding information until it reaches the specified recipient, who will be able to decode it using the appropriate key. Every time you make a payment with Viva, all communication between your computer and Viva systems is encrypted using the 128 bit EV key from Thawte (the most recognized company in issuing cryptographic keys for banking services). This means that each time you send information to the system, your browser encrypts the key using the first 128 bits and then transmits the encrypted data to the system. The Viva system first decrypts the information obtained using the same key (assigned as soon as the connection is initiated with the service) and processes it. The Viva systems transmit data using the same encryption process.
Viva Payment Services is a payment institution licensed by the Bank of Greece. The same basic principles that apply to traditional banking also apply to Viva. All information supplied by the card holder to Viva is confidential. Regarding the PCI-DSS certification, Viva has taken all necessary steps deemed necessary in the context of the services provided.
To ensure data privacy is respected, personal data is stored on a secure "central server". Adhering to N.2472/1997 "on the Protection of Individuals with regard to the Processing of Personal Data". Respecting personal data, keep your personal information in a secure central server "central server". Viva has the right to maintain a secure record of personal data from employees, partners, customers and suppliers, which may be transmitted in Greece and abroad, provided that the database and data transmission are in accordance with the business purposes of Viva and the Law as stated in N.2472/1997 "on the Protection of Individuals with regard to the Processing of Personal Data".
All transactions occurring in Energyled.gr are implemented via PayPal’s secure environment. Every time a clients proceeds to payment, he/she is automatically redirected to PayPal’s secure environment. Once the payment process is completed, he/she is automatically redirected back to Energyled.gr, depending on the payment’s outcome. PayPal payment processes are conducted based on a totally secure environment which makes use of data encryption and cryptography via SSL (Secure Socket Layers). Moreover, PayPal is one of the leading payment getaways worldwide.
For more information regarding PayPal, please click here.