Being a significant payment service provider, Feepal and its payment ecosysyem follows stringent data security standards which include:
SSL security certificate from VeriSign ensures that all transaction data that is transmitted or received is always transmitted in a secure encrypted form
Payment Card Industry and IT Data Security Standards Compliance
PCI-DSS certification ensures that all payment related information is stored in a secure tamper-proof environment. Apart from this data security and process standardization and compliance in our operation has further been re-inforced through additional ISO 9001:2000 and ISO 27001 certifications in combination with the above.
3D Secure Support
Verified by VISA and MasterCard SecureCode adds an extra security layer, preventing misuse of customer card details
Dynamic Checksum and Triangulation technology for Transaction verification and fraud prevention
Our Dynamic Checksum logic and triangulation verification is used for additional transaction security for negating transactional interception. This helps guard against any losses due to fraudulent activities like Man-In-The-Middle (MITM) channel attacks (on the network or the user’s computer) for tampering of transactions like status or of the transaction amount.
Fraud Detection & Prevention
- It is based on a proactive as well as a corrective & preventive action approach.
- It is delivered through a combination of state of the art technology and strong processes.
- Our platform provides for inline fraud detection and prevention as well post facto through a robust detection and investigations process.
- It is rule based and configurable and enhanced constantly through a review and revision process to keep it relevant and comprehensive
- Types of rule sets include Access profiling, user/endpoint profiling, velocity checks, value checks, white-listing & blacklisting, bank specific limits, product specific limits, registration parameters, etc
Internationally Certified Security Standards
- PCI DSS Certified: The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis. DirecPay is compliant to new PCI DSS v2.0 Standards, which makes it one of the most secure payment gateways all across the world.
- VeriSign Secure: DirecPay is registered with VeriSign, the world's best and most trustworthy Net Authentication Agency. VeriSign remains the leading provider of the most trusted solutions for online security and helps assure customers that they are safe, from Search to Browse-to-Buy to Sign-in.
- Verified by Visa & Master Card Secure Code: DirecPay is one of the few companies in the world to implement the new Verified By Visa and MasterCard Secure Code protocols which are expected to reduce charge back level by as much as 90%.
Protection of Customer Data Exchanged Online: When you apply online for our service, or provide information to us on our website, you provide personal and financial information that is necessary for us to process your application or payments. This information is sent in a "secure session" established with Secure Sockets Layer (SSL) technology. SSL protects information that is sent over the Internet between your computer and DirecPay by encrypting it and thus prevents misuse and risk of charge backs.
Robust Data Encryption: Unlike normal Internet communication, information provided to DirecPay is sent in secure sessions. SSL is a security protocol that provides data encryption, server authentication and message integrity for a connection to the Internet. Using SSL ensures that the information you exchange with DirecPay is never transmitted unencrypted over the Internet and therefore cannot be viewed by unauthorized individuals. This is done using Verisign's 128-bit encryption, the maximum level of encryption possible on the Internet comparable to security levels used by financial institutions.