PalmBeachAutographs.com is committed to the security of all of our online transactions.
Our E-Commerce shopping cart platform that has been certified through the Visa Payment Application Best Practice (PABP) assessment.
We also support Verified By Visa/Master Card 3-D secure in the US and U.K. for selected gateways.
PABP certification indicates adherence to strict security policy and procedural guidelines outlined by VISA/MasterCard to help ensure PCI compliance in your installation. Our storefront worked with one of the best independent VISA/MasterCard approved auditing firms for our certification. PABP release fully tested in PCI compliant environment for VISA/MasterCard Certification.
In addition we’ve implemented the following security practices:
- Supports SSL Encryption for secure ordering. Cart automatically switches into secure mode appropriately
- IP Address Tracking: For safety and auditing, IP addresses are logged
- AVS (Address Verification) reporting from gateways in all orders
- Integrated MaxMind Geolocation Fraud Detection (requires optional MaxMind account)
- Require periodic password changes
- Password Salting + Hashing
- CAPTCHA Image login protection (protects against automated BOT login attacks
- All Password Change Operations Logged
- RegEx AppConfig control over strength of passwords required for store logins and admin logins
- Support for dynamic encryption key changes via admin site
- Store Admin specified encryption salting so every order record contains a separate encryption key
- Encrypted database connection strings in web.config files
- Secured password protected Store Administrator Control Panel
- (Windows Smart Client) Integrated .net security roles and support
In addition to in-house testing, our storefront has had Independent Security Audits Performed.
Assessment included checks for:
- Secure Coding Practices and Encryption
- Validating parameter length that could lead to a Buffer Overflow
- Various Buffer Overflows
- Cookie manipulation / Cookie Poisoning
- SQL Injections
- Cross Site Scripting Attacks
- Mis-Configured Servers
- Man In The Middle Attacks using a Web Proxy
- SSL Version Hacking
If there is any concern about the security of your transaction on PalmBeachAutographs.com, please contact firstname.lastname@example.org.