Security. Our #1 Priority.
eCredable takes your security seriously.
Below is a summary of the measures eCredable takes to protect your information and descriptions of the ways we implement these measures.
Security Measures We Take:
Secure Socket Layer (SSL)
eCredable.com SSL certificates support both industry-standard 128-bit which is used by banks to safeguard sensitive data and high-grade 256-bit SSL encryption to protect online transactions. The actual encryption strength on a secure connection is determined by the user’s browser and the server that the website resides on. Encryption strength is measured in key length or the number of bits in the key. To decipher an SSL communication, one would need to generate the correct decoding key. 128-bit and 256-bit keys involve 2,128 and 2,256 possible combinations respectively, rendering the encrypted data virtually impossible to crack by an unauthorized party.
Read more about SSL here on Wikipedia: http://en.wikipedia.org/wiki/Secure_Socket_Layer
Double click on the "GoDaddy.com Secured" icon below or in the footer and you'll see the validity of our site SSL security. It reads, "This Web site is secured with a GoDaddy.com Web Server Certificate and GoDaddy.com has verified that the Certificate is valid (04/09/2013 18:01:56 GMT to 04/08/2014 22:47:21 GMT)."
eCredable uses a leading provider of Payment Card Industry compliance (PCI compliance) and security solutions focused to combat new security threats and fraudster methods. Payment Card Industry Data Security Standards (PCI DSS) are network security and business practice guidelines adopted by Visa, MasterCard, American Express, Discover Card, and JCB to establish a “minimum security standard” to protect customer’s payment card information. It’s a requirement for all websites that store, transmit, or process payment card information. eCredable adheres to PCI (payment card industry) compliance standards for data security. We have partnered with Trust-Guard.com who is a leading provider of PCI compliance and security solutions. Our PCI compliance is a multifaceted security standard that includes requirements for security management, policies, procedures, website and network design, and other critical protective measures. This comprehensive standard is intended to proactively protect member account data. In order to say we are "PCI Compliant", eCredable's website must pass a thorough weekly scan more than 45,400 known vulnerabilities, in accordance with PCI Security Standards.
Double click on the "SECURITY SCANNED" icon below or in the footer and you'll see the validity of our site security.
Payment Gateway Security
You can be confident in knowing that eCredable.com is a verified Authorize.Net merchant. Authorize.Net is committed to providing its merchant customers with the highest level of transaction processing security, safeguarding customer information and combating fraud. More merchants trust Authorize.Net than any other payment gateway to process their eCommerce transactions securely. For more information about the benefits of Authorize.Net’s secure transaction processing, please visit the Authorize.Net Web site.
Double click on the "Authorize.Net" icon below or in the footer and you'll see the validity of our transaction processing security.
Cloud Computing Security
Our platform utilizes a highly scalable cloud computing solution where speed, reliability and availability are necessary. This innovative hosting technology allows capacity to expand and contract during different traffic levels, with 99.95% uptime. State of the art security measures have been designed directly into the operations of the eCredable.com platform. This core security-design paradigm ensures end-to-end data protection and regulatory compliance. The platform employs such measures as Tier-One Hosting, Tier-One Firewalls, high-level data warehouse encryption, isolated databases through data management application layers, controlled session times, on-screen encrypted passwords with challenge and response user security measures as well as numerous other industry best practices.