Security

SECURITY

We are proud to use USAePAY as our payment gateway on MidKnightGlass.com. We understand that some are still hesitant to buy online with everything that is going on today in this fast paced world we live in. To ease your mind, we would like to provide the following information on behalf of our partner at USAePAY.

Safety, Security, and Fraud Protection

USAePay ensures this with every transaction.

USAePay takes pride in our high level security, making it our number one priority to make sure your transactions are processed securely. We use the following security measures to ensure your security:

Third-Party Security Scanners/Assessors

USAePay uses multiple third-party security companies to ensure that our security is always meeting the strictest of industry security standards. Every security assessor working with USAePay provides a seal for our clients to view our certification for meeting security standards.

Please click on the seals to verify and see the certifications.

trustwave_certificate  mcafee_Certified  security_metrics_Certificate2

Secure Socket Layers (SSL)

All of USAePay’s communications and processing occur through Secure Socket Layers (SSL). To ensure an even higher level of security, we use 1024-bit SSL encryption with all of our transactions.

Identification Through Secure Source Keys

Each Merchant toolkit communicates with the gateway using a unique high-bit encrypted string called a Key. When information is sent to the gateway, the Key identifies not only the merchant, but also the specific toolkit from which the information originated. It also provides the opportunity for merchants to use separate Keys for each individual toolkit. Merchants can also revoke a Key if they notice that it is being misused.

Fraud Prevention

The USAePay Fraud Stopper is built on a Module Stack Design. Each module controls a different aspect of security and merchants can choose which modules to include in the fraud control stack. Some examples of modules include: duplicate transaction control, block by country, block by IP address, and many more. The Module Stack Design provides the opportunity for merchants to add or change their fraud modules depending on their unique security needs. USAePay is always adding new fraud modules to the Fraud Stopper to keep our merchants up to date with the latest fraud security.

Fraud Stopper also allows merchants to apply different fraud settings to different Keys or Sources. For example, a merchant may wish to implement a high level of fraud control for an online shopping cart, but a lower level on the console for their own employees.

Storing Credit Cards the Secure Way

USAePay realizes that the theft of lists or databases in which credit card information is stored can have dire consequences for merchants and their customers. With this in mind, USAePay has developed a revolutionary new way of storing credit card information.

In the USAePay system, each credit card number is stored individually, making it impossible to steal an entire list or database full of sensitive data. Credit card numbers can only be viewed on an individual basis by unlocking or decrypting each one. If a card number is needed, the requested number is decrypted and unparsed from the system, a process that takes only a few seconds.

USAePay’s non-database system provides the highest possible level of security for credit card data storage.

PCI DSS COMPLIANCE

USA ePay is proud to be one of the very first gateways to become PCI Level 1 compliant. PCI compliance is the standard of security in the credit card processing industry and validates our commitment to the security of our customers.

What is PCI DSS?

The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International, to help facilitate the broad adoption of consistent data security measures on a global level.

The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.

Our Level 1 Service Provider

USA ePay is partners with Trustwave for our Level 1 PCI DSS compliance. Every year USA ePay goes through a rigorous security assessment that covers any and all aspects of our security policies and standards which must be enforced.

A Team Effort

PCI DSS compliance is a compilation of all the security standards from all the major credit card associations. These include:American Express DSOP, Discover DISC, MasterCard SDP, Visa CISP & Visa AIS.

USA ePay covers all the required security standards by being PCI DSS compliant. For more information on each association’s requirements, please visit their individual websites.

Our Thoughts

We know that’s a bunch of stuff to read but we feel that you should know how important security is to us. We want each and every customer to feel safe knowing that we’ve taken the proper steps to make sure that your information is protected in the best way possible. We do not use a third party company or contractors for development on our site nor do we outsource any of our ordering process, everything is handled in person by our staff at MidKnighGlass.com headquarters. Thank you if you made it to the end and happy shopping!

-The Team @MidKnightGlass.com

Due to a high volume of orders please allow 2-4 weeks for delivery of any items not marked "Ready to Ship".