Optyk Rozmus Security Policy
At Optyk Rozmus, all online purchases take place safely, using the latest and best practice internet security & encryption technology to protect our customers. We are fully PCI DSS compliant (to understand what that means please see below) and as such do not store any sensitive information about your purchases or payment details on our servers. Additionally, we fully comply with all 12 PCI requirements listed below.
We encrypt your entire visit to our website. Every page is encrypted using the latest standards and best practice encryption methods. It is not possible to communicate with our servers without a secure connection, so you can rest assured that your data and your visit is safe and trouble-free.
Your personal details are held in a US Department of Defence approved encrypted format so that we may process your order. This additional level of encryption makes it virtually impossible for unauthorised parties to read any information that you send us. If you have questions regarding our PCI compliance please see below or email us at CS@OptykRozmus.com. You can read more about our privacy policy here.
Verified by VISA and Mastercard® SecureCode™
Both of our payment processing providers are highly trusted international payment service providers and as such are regularly audited 3D secure platforms. This means you can expect the highest standards of integrity and security when processing your online transaction. To find out a little more about Verified by Visa and Mastercard SecureCode please read on.
Verified by VISA and Mastercard® SecureCode™ are services from VISA and Mastercard in association with your card issuer to provide added protection when you buy online. There is no need for a new card, you just need to choose your own personal code for your existing card. This information is never shared with us or any other retailer or merchant. It is a private code that means added protection against unauthorised use of your credit or debit card when you shop online. This should not be confused with the normal pin number that you use when shopping in the high street or when using cash machines.
When shopping on our website, you may see an extra step during checkout. This step will be provided by the bank that issued the card you are making the payment with. If you have not already registered your card, you can use this area and follow the instructions to register securely. Once registered you will be able to complete your order normally. From now on you will be required to use your personal code on all subsequent online transactions.
These services are effectively the online equivalent of chip & pin, which is the only secure way to shop in the high street. By replicating this high street security, Optyk Rozmus is providing you with a secure and safe online shopping service.
If you would like to learn more about these services, please click on the links below:
PCI Compliant
The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design, and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.
The PCI DSS was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.
The core of the PCI DSS is a group of principles and accompanying requirements, we are happy to say we pass all of them having built our systems with PCI compliance at the core of our IT systems:
- Build and Maintain a Secure Network
- Requirement 1: Install and maintain a firewall configuration to protect cardholder data
- Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
- Protect Cardholder Data
- Requirement 3: Protect stored cardholder data
- Requirement 4: Encrypt transmission of cardholder data across open, public networks
- Maintain a Vulnerability Management Program
- Requirement 5: Use and regularly update anti-virus software
- Requirement 6: Develop and maintain secure systems and applications
- Implement Strong Access Control Measures
- Requirement 7: Restrict access to cardholder data by business need-to-know
- Requirement 8: Assign a unique ID to each person with computer access
- Requirement 9: Restrict physical access to cardholder data
- Regularly Monitor and Test Networks
- Requirement 10: Track and monitor all access to network resources and cardholder data
- Requirement 11: Regularly test security systems and processes
- Maintain an Information Security Policy
- Requirement 12: Maintain a policy that addresses information security
We at Optyk Rozmus fully comply with all 12 requirements listed above.