Optyk Rozmus Security Policy
At Optyk Rozmus, all online purchases take place safely, using the latest and best internet security & encryption technology to protect our customers. We are fully PCI DSS compliant (to understand what that means please see below) and as such do not store any sensitive information about your purchases or payment details on our servers. Additionally we fully comply with all 12 PCI requirements listed below.
We encrypt your entire transaction including your credit card information to ensure your purchases with us are private and protected as they travel to us via the internet. We accept orders only from Web browsers that can use Secure Socket Layer (SSL) or TLS1.2 technology - this means you cannot inadvertently send your credit card or payment details through an unsecured connection. Most web browsers now support this.
Your personal details are held in a US Department of Defence approved encrypted format so that we may process your order. This additional level of encryption makes it virtually impossible for unauthorised parties to read any information that you send us. If you have questions regarding our PCI compliance please see below or email us at CS@OptykRozmus.com
Verified by VISA and Mastercard® SecureCode™
When purchasing with Optyk Rozmus, we use either Transferuj.pl or Platnosci.pl to clear your payment. Both Transferuj.pl and Platnosci.pl are highly trusted international payment service providers and as such are 3D secure as well as either Thwait or Verisign assured. This means you can expect the highest standards in integrity and security when processing your online transaction. To find out a little more about Verified by Visa and Mastercard SecureCode please read on.
Verified by VISA and Mastercard® SecureCode™ are new services from VISA and Mastercard in association with your card issuer to provide added protection when you buy online. There is no need for a new card, you just need to choose your own personal code for your existing card. This information is never shared with us or any other retailer or merchant. It is a private code that means added protection against unauthorised use of your credit or debit card when you shop online. This should not be confused with your normal pin number that you use when shopping in the high street or when using cash machines.
When shopping on our website (currently only available on credit cards but not debit cards), you may see and extra step during check out. This step will be provided by the bank that issued the card you are making payment with. If you have not already registered your card, you can use this area and follow the instructions to register securely. Once registered you will be able to complete your order normally. Once registered, you will then be required to use your personal code on all subsequent online transactions.
These services are effectively the online equivalent of chip & pin, which is the only secure way to shop in the high street. By replicating this high street security, Optyk Rozmus is providing you with a secure and safe online shopping service.
If you would like to learn more about these services, please click on the links below:
The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.
The PCI DSS was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.
The core of the PCI DSS is a group of principles and accompanying requirements, we are happy to say we pass all of them having built our systems with PCI compliance at the core of our IT systems :
Build and Maintain a Secure Network
- Requirement 1: Install and maintain a firewall configuration to protect cardholder data
- Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
- Requirement 3: Protect stored cardholder data
- Requirement 4: Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
- Requirement 5: Use and regularly update anti-virus software
- Requirement 6: Develop and maintain secure systems and applications
Implement Strong Access Control Measures
- Requirement 7: Restrict access to cardholder data by business need-to-know
- Requirement 8: Assign a unique ID to each person with computer access
- Requirement 9: Restrict physical access to cardholder data
Regularly Monitor and Test Networks
- Requirement 10: Track and monitor all access to network resources and cardholder data
- Requirement 11: Regularly test security systems and processes
Maintain an Information Security Policy
- Requirement 12: Maintain a policy that addresses information security
We at Optyk Rozmus fully comply with all 12 requirements listed above.