We use Sage Pay (www.sagepay.co.uk) – a secure online payment gateway for credit card processing that has achieved the highest level of compliance under the Payment Card Industry Data Security Standard (PCIDSS). They adhere to the most stringent levels of fraud screening, ensuring that your details remain secure throughout the transaction process.
All transaction information passed between www.freedomtreks.co.uk and the Sage Pay VSP Systems is encrypted using 128-bit SSL certificates. No cardholder information is ever passed unencrypted and any messages sent to our servers from Sage Pay are signed using MD5 hashing to prevent tampering. You can be completely secure in the knowledge that nothing we pass to the Sage Pay servers can be examined, used or modified by any third parties attempting to gain access to sensitive information.
Encryption and Data Storage
Once on Sage Pay’s systems, all sensitive data is secured using the same internationally recognised 256-bit encryption standards used by, among others, the US Government. The encryption keys are held on state-of-the-art, tamper proof systems in the same family as those used to secure VeriSign's Global Root certificate, making them all but impossible to extract. The data they hold is extremely secure and they are regularly audited by the banks and banking authorities to ensure it remains so.
Links to banks
Sage Pay has multiple private links into the banking network that are completely separate from the Internet and which do not cross any publicly accessible networks. Any cardholder information sent to the banks and any authorisation message coming back is secure and cannot be tampered with.
Please see the following link for further information: www.sagepay.co.uk.
Freedom Treks also assessed against the PCIDSS standards to ensure that we safely handle your payment details when you call us to place an order. Our current compliance certificate is issued by Sysnet on behalf of our merchant provider First Data and is valid until 08 October 2019.
Website security validation
The validation SSL certificate for our website is provided by CloudFlare and is valid until 28 November 2019. This provides the highest level of business authentication available, according to standards set down by the CA/Browser Forum. The green HTTPS browser address bar is your assurance that you are dealing with a verified business on a secured domain. For more information please visit the Cloudflare website at https://www.cloudflare.com.
Internet fraud - 'Phishing'
Phishing is the illegal collection of personal data by deception. Emails are sent asking for personal details to be entered into a cloned illegal website. These details are then used for fraudulent purposes. Please note:
- Freedom Treks will never ask you by email to enter personal information into a website.
- We will only ask for credit or debit card information by phone if you choose to amend or cancel your order.
- Email correspondence from Freedom Treks will never come from a public email provider such as yahoo or hotmail.
- If you suspect an email claiming to be from Freedom is fraudulent, please forward it to [email protected] and then delete it from your system.