WorldbridgE Commerce employs systems that have been built from the ground up with security in mind. Hardened servers, point-to-point enterprise level data encryption, secure communication pathways and multiple firewall layered security.
All of our systems are PCI-Compliant, and we aim to have all our system certified within 2015 to ensure an even higher level of peace-of-mind for our users.
All cardholder information is stored in database servers behind a configured firewall. Furthermore, an extra layer of security is provided by routing all traffic requests via specialised third-party vendors whose sole job it is to track incoming traffic for potential threats.
All passwords to core systems at WorldBridgE Commerce are longer than ten digits and contain a mix of alphanumeric characters. Passwords are changed at regular intervals for increased security.
Cardholder data is encrypted with a unique encryption key. This key has been randomly generated using a RNG (Random Number Generator) and the key is kept in a secure location.
Cardholder data is encrypted using 256-bit AES (Advanced Encryption Standard). This is the same level of encryption used by banks, and has been approved by the US Secretary of Commerce for use in the US Federal Government.
Our servers are scanned automatically at regular intervals with industry-leading software. Additionally, we also employ third-party vendors to test our systems on a yearly basis.
Our software development is handled exclusively by experienced technical engineers who have a track record of building and deploying PCI-DSS compliant applications.
Nobody in WorldBridgE Commerce has access to a cardholder’s card data, with the exception of the last four digits of the card number. To be able to view these details a case needs to be made with our security partners who will then be able to release only the information required.
Not only do we assign a unique ID to each user in our system, but each individual action of each user is tracked, and these actions are stored in logs that are not editable by anyone in the company. These logs are used by both internal and external auditors to make sure that all security measures are being upheld.
Cardholder data is not kept in-premise, but on secure enterprise-level Tier 3+ 2N Data Centers that are surrounded by 3m high security fencing, biometric access control, card access proximity readers on all doors, and biometric entry controls.
All access to network resources and cardholder data is logged in separate locations with limited access. These logs are reviewed regularly by both automated systems and human auditors for suspicious activity.
WorldBridgE Commerce has yearly full system security reviews by third party solution partners, and employs a system of managed clustered servers that are constantly kept up to date with the latest security patches, as and when they are released.
WorldBridgE Commerce is currently creating a publicly available information security policy to inform cardholders of how their card details are protected.