'Information is our life-blood and we guard it zealously.'
To ensure overall data security and prevent unauthorized access, our company uses a number of robust security mechanisms. TechProcess aims to keep updated of global security trends & guidelines to offer world class products to its customers. It is this philosophy that has made it possible for us to achieve the ISO 27001:2005 & PCI-DSS (version 1.2.1) Certifications.
Click on image for larger view ISO 27001:2005
Security Framework
We are ISO 27001:2005 compliant. This is the most widely recognized information security standard in the world. We are one of the thousand companies globally to have been awarded this certification and among the first few in India.
Complete security of our client's transactions and privacy of all confidential information is the foremost consideration of our service. We follow very a high level of security within each process, function and the entire organization.
Information Security & Risk Management Practices
TechProcess is aware that information is vital (in any form) and constitutes an important asset for the organization. We have therefore defined appropriate procedures and protection requirements for the same.
We ensure security to all internal and external information through a structured ‘Information Security Management System’ (ISMS) that governs all security implementation and information monitoring within our organization. We also follow risk management frameworks that are designed to review and audit the data security mechanisms periodically. As part of this exercise, we have completed a number of activities including defining and implementing policies and procedures for all aspects of business, security awareness training programs across all levels, and establishment of a risk assessment methodology for critical business and information assets.
Through these initiatives, we have earned ourselves the ISO 27001:2005 certification which not only differentiates us from our competitors, but also increases internal business efficiency, and assures infrastructure integrity and information security for our clients.
Click on image for larger view PCI-DSS (Version 1.2.1)
TechProcess’ online payments processing platform has been assessed and certified as compliant to the PCI-DSS (Version 1.2.1) standard.
PCI DSS stands for Payment Card Industry Data Security Standard. The standard represents a set of security practices that help ensure the safe handling of card data by preventing fraud through increased controls. This standard applies to all organizations that store, process, or exchange cardholder information related to American Express, Discover, JCB, MasterCard or Visa branded cards.
With the PCI-DSS Certification in place, Techprocess’ payment gateway can ensure the highest standards of security & compliance w.r.t.:
- Establishment of a secure network in which online transactions are conducted
- Safe storage & encryption of card holder data during transmission
- Updated anti-virus software that protect systems against the activities of malicious hackers
- Access to system information & operations strictly on a need-to-know basis
- Constantly monitored & regularly tested networks that ensure that all security measures & processes are in place & functioning properly
- Establishment of a formal information security policy
With the internet emerging as a mainstream channel for business, cutting-edge security has become a very important consideration in selecting a payment processing platform. The PCI-DSS compliance will lead to increased controls for online card based transactions on the Techprocess payment gateway – this will mean more comfort & greater confidence in transacting online for the end customer, merchant & bank.
General Security Practices
To ensure confidentiality of client's transactions, TechProcess uses a number of security processes such as:
-
Encryption
Unlike regular internet communication, information submitted to us at our website is sent in a "secure session" established with Secure Sockets Layer (SSL technology). SSL technology encrypts the information that is sent over the internet between the client's browser and the website. The encryption is done using 128-bit RC4 encryption, the maximum level of encryption possible online -
Secure Firewall
Our server is protected by Security Firewalls that ensure maximum protection and prevent unauthorized access to information. The firewall is configured to receive and process requests only from authorized personnel and can detect unauthorized activity around our server. Firewalls guarantee that the information is inaccessible to a third party. -
Back-up of data
Regular data back-ups are taken so that appropriate recovery measures of the latest information can be initiated, in case of any hardware problems. -
TechProcess doesn't use Cookies to capture your personal information
We do not establish web "cookies" during your session. Hence, no one will be able to access the service without entering a valid login ID and password. The sessions will automatically time-out after 10 minutes of inactivity and you will be prompted to login again.
