Realex Security Statement
Inherent to our operations and business approach is the need to provide a secure, robust and reliable payment processing service. Information security is our top priority and one of our company values. To this end we have invested in extensive security controls and infrastructure and we’re constantly updating and improving our online payment systems to ensure that your money always gets where it needs to go, safely and securely.
Realex Payments are a highly trusted online payment card processor who employs a team of full time information security staff who are seen as experts in their industry.
Realex Payments are certified and approved by several leading financial institutions. A full list of all financial institutions that Realex Payments work with can be viewed here. Our systems and security controls are based on current industry standards and our staff continually research changes in the industry to ensure our controls are updated when required. There are several layers of technology in place to ensure the confidentiality, authentication and integrity of information.
Realex Payments have been accredited with the Account Information Security (AIS) certification by VISA and are one of a small amount of companies in Europe to achieve this. This shows our commitment to above industry standard in every aspect of payment processing.
The Payment Card Industry Data Security Standard (“PCI DSS”) was established in 2004 as an industry-wide set of requirements and processes to help ensure that cardholders can make purchases confident in the knowledge that their credit card information will be protected from fraudsters.
Realex Payments are compliant with PCI DSS Version 3 Level 1, the highest level of PCI compliance, and Realex Payments were one of the first service providers in Europe to achieve this Level 1 certification in October 2004. Realex Payments appeared on the VISA website as a case study on implementing the PCI DSS. To view our latest PCI-DSS certificate, please click here. To view PCI DSS Version 3 requirements regarding security and compliance as a shared responsibility between Realex Payments and our clients, click here.
Information is sent to us from businesses via the internet and we connect to financial institutions with whom we are fully certified and approved.
All information that is transmitted to Realex Payments over the internet is protected to ensure confidentiality. In addition to this confidentiality control all messages sent to and from our services are authenticated using digitally signed digests.
All requests are verified against a legal list of IP address and referring URLs.
Our technical infrastructure is located in secure co-location facilities that have 24x7 manned security and advanced building management systems along with environmental controls.
Critical servers and applications are monitored constantly to pre-defined threshold levels and Realex Payments staff is instantly alerted via our real time monitoring and alerting service.
All connections to the financial institutions are over private dedicated leased circuits, backed up with ISDN lines and in certain cases VPN connections over the internet.
The network is designed to be highly resilient with duplicate and triplicate systems in place depending on the critical nature of each component.
Cardholder information is encrypted and hashed when stored on Realex Payments systems and will not be displayed in our reporting systems.
We perform regular tests and employ external auditors to test our security standards. All our employees comply with our strict internal security policy and attend training as part of our induction programme and regularly thereafter.