To provide security for your online purchases on our web site, we have chosen the secure online payment ensured by WorldPay. The secure payment system technology SSL (Secure Sockets Layer) allows you to process, through an SSL-compliant browser such as Internet Explorer or Netscape Navigator, an end-to-end encrypted purchase transaction without fear of an intermediary obtaining your credit card information. For more information about online purchase security, please read the notes below provided by WorldPay.

Please note, Audigist does not store any credit card information on our systems or at our premises.

When you are asked to provide your credit/debit card details you should see on the bottom of your browser an unbroken key or locked padlock indicating you are in a secure transaction mode. You are then communicating with a secure server that has direct access into the UK banking gateways, which allows instant authorisation of credit/debit cards. This system allows the hosting of a secure form on secure servers.

The credit card information is securely encrypted by the script and communicated via the Internet to one of WorldPay's gateway servers, which links immediately to the appropriate bank to request authorisation. All transactions that pass credit card number validity checks are sent to the bank for authorisation. At the same time, WorldPay's Fraud Control System runs a parallel check to investigate the likelihood of the transaction being fraudulent. This system is programmed to look for known patterns of suspicious activity or information, and returns a 'confidence level'. In the event of a low confidence level - even if the transaction is authorised by the bank - the merchant is left with the decision whether to further verify the identity of the customer before shipping any goods, helping to avoid any chargeback of the payment. The AVS (Address Verification System) is also performed to let the merchant know if the credit/debit card used is associated with the customer's details filled on the merchant's web site.

If the transaction is successfully authorised by the bank, this result is transmitted back to the merchant site, together with the transaction reference and the value of the confidence level. The authorisation process checks that the customer has sufficient funds to cover the transaction amount, and allocate the required amount for the transfer to the merchant.

A credit card transaction is a two-stage process. After authorisation, the second stage is payment processing (i.e. transferring the funds to the merchant account).

Digital signatures are used throughout the system in order to ensure that transactions arriving at a gateway are from an identifiable merchant, and that any information passed back to the merchant is from a WorldPay gateway. Each signature uniquely identifies its source. Gateways also communicate with each other and with the control system using such digital signatures. In the event that a merchant's digital signature becomes a security risk (e.g. if their server is stolen), the appropriate signature will be immediately revoked and will no longer function within the system.

All communication within the system are strongly encrypted using 2048-bit RSA encryption with variable 168-bit session keys (i.e. each transaction uses a new key). This is significantly (many billions of times) more secure than standard browser SSL security provided by, e.g. Internet Explorer. WorldPay encryption is also much more secure than that specified for the SET (Secure Electronic Transaction) protocol. The high level of encryption used is forecast as not being a requirement until the year 2015. The encryption is of course totally transparent to the merchant and his/her customers.

All credit and debit cards carry a security code number. This number is known to the bank and printed on the card, but it is not stored or printed anywhere else. So, it can be used to check that the person using the card to make a purchase is in physical posession of the card, or has at least seen the card at some time. To find the number, look at the signature strip on the back of your card. The security code is the three digit number at the top-right corner of the strip. (Note: American Express cards are different - the security code is the four-digit number above and to the right of the embossed card number on the front of the card.)

The security code number adds an extra level of confidence to your internet transactions. As it is not stored on the magnetic strip, and is never printed on card payment slips, the only way a fraudster can obtain your security code number is by looking at the number printed on your card. This means that someone who has obtained your card number from, for example, a discarded payment slip, will not be able to use it to make purchases, unless they make a very lucky guess at the security code.