With so much attention focused on the recent security breaches at several retailers, we'd like to take a moment to tell you how and what RadTech has been doing to keep our clients safe online. In the information that follows, we'll demonstrate both our unwavering commitment to our clients' personal data security, and our comprehensive use of the most advanced methods and techniques to ensure that RadTech remains the safest place to shop online.
From the day RadTech opened for business 12 years ago, we've viewed the security of our clients' personal information as one of our ultimate responsibilities. Acting on that commitment, we have always operated at the leading edge - continually implementing the very latest methods to ensure the privacy and protection of our customer data. In fact, RadTech has always adopted and implemented new cyber security protocols long before they're required by the Payment Card Industry (PCI).
To combat a hacker, you have to think like a hacker.
It must first be said that regardless of security measures taken, no system can ever be 100% secure. However, it is possible to get very close - much closer than the vast majority of firms transacting credit cards today.
There are 3 primary routes (vectors) that attackers exploit to steal your credit card data when shopping online. What follows is a description of each and what we do to secure them.
Directly accessing a merchant's database containing their customer's credit card data
This is the most common type of credit card data breach
We've taken this one completely off the table as we do not store credit or debit card account numbers in a database - in fact, our web servers never even see your payment card number. RadTech uses an ingenious data exchange method called Tokenization, whereby the payment card field on our Checkout page sends the payment card number directly to the processor (not part of our site) as part of a strongly encrypted stream. The credit card processor then returns a token that is only usable by us to receive payment against the card. The token can't be utilized by a third party to make a payment since it's directly tied to our card processing account.
Covertly installing software on a merchant's Checkout page
Captures credit card data that's being entered - secretly sending it to the attacker
We employ various methods to guard against attacks from this vector. In the interest of maintaining our high level of security, we must be careful not to divulge specific details of our methods - so as not to provide an attacker with any advantage. In broad terms, we utilize ultra-strong encryption as a means to prevent access to the underlying code on our web site, coupled with careful monitoring that automatically alerts us if our software has been modified in any way.
Masquerading as a credit card processor, thereby tricking a merchant's systems
Merchant's system believes that it's talking to a legitimate processor (man in the middle attack)
This is a very specialized attack route - and again, we must use a high level of discretion in describing our defenses to avoid compromising our own security. On the most basic level, we employ one of the world's leading data security firms, SecurityMetrics, to continually and physically test for all known cyber exploits against our web site. SecurityMetrics is one of only two firms in the world certified by Visa, MasterCard and the PCI security Council to perform forensic investigations. As a certified forensic investigator, SecurityMetrics examines every type of attack that's been perpetrated and can then test our site for resistance to such attacks, as well as make informed recommendations on how to best prevent them.
RadTech spares no expense and employs the world's foremost cyber security experts to ensure that your privacy and shopping experience is as safe and secure as possible. Providing you with a safe and worry-free online shopping experience is an ongoing process and we are wholly committed to earning and maintaining your trust each and every day.