Inherent to our operations and business approach is the need to provide a secure, robust and reliable payment processing service. Information security is our top business priority. To this end we have invested in extensive security controls and infrastructure.
Realex Payments are certified and approved by several leading financial institutions. Our systems and security controls are based on current industry standards. There are several layers of technology in place to ensure the confidentiality, authentication and integrity of information.
- Realex Payments have been accredited with the AIS (Account Information Security) certification by VISA and is one of the few companies in Europe to achieve this. This shows our commitment to above industry standard in every aspect of payment processing.
- Realex is fully PCI compliant to the highest level of PCI, and was one of the first PSP’s in Europe to deliver this with Level 1 certification achieved in October 2003. We appeared on the VISA website as a case study on implementing the PCI DSS.
- Information is sent to us from businesses via the internet and we connect to financial institutions with whom we are fully certified and approved.
- All information when in transit via the internet is encrypted (128bit SSL) to ensure confidentiality of sensitive data.
- All messages sent to us and the responses from us are authenticated using digitally signed digests.
- All requests are verified against a legal list of IP address and referring URLs.
- Our technical infrastructure is located in secure co-location facilities that have 24x7 manned security and advanced building management systems along with environmental controls.
- Critical servers and applications are monitored constantly to threshold levels and Realex Payments staff is instantly alerted via our real time monitoring and alerting service.
- All connections to the financial institutions are over private dedicated leased circuits, backed up with ISDN lines and in certain cases VPN connections over the internet.
- The network is designed to be highly resilient with duplicate and triplicate systems in place depending on the critical nature of each component.
- Realex Payments are registered with the data protection commissioner as a "Data Processor". Cardholder information is encrypted and not displayed in our reporting systems - realcontrol.