Credit Card Non Storage Practice (CCNSP)
Netports Australia accepts credit card payments for services on this website. We utilise the  e-Path credit card payment gateway to facilitate the accepting of your credit card charge authorisation online.
There is NO permanent storing of your credit card data or transaction history online with either e-Path or Netports.
Once Netports is in receipt of your credit card charge authorisation, as far as the internet is concerned it is as if the transaction never occurred. Nothing exists in any database on any webserver pertaining to your credit card numbers or details of your transaction. No names, no credit card numbers, no credit card expiry dates, no amounts, nothing is permanently stored online.
This is very different to almost every other web hosting company where details from your credit card transaction will be permanently stored on web servers on the internet, either by them themselves or by their "real time" payment gateway. Indeed, with most you can even "log in" to update your credit card numbers online - proof your credit card details are being permanently stored on a web server accessible on the internet.
It is a fact that no matter how good the security, when data is permanently stored on web servers and accessible online it can never be guaranteed 100% safe. In fact a large portion of credit card fraud in the world today can be directly attributed to the storing of credit card details within "secure" databases on web servers. The cost of credit card fraud runs into over $500 million USD per year and its on the rise.
The New Payment Card Industry Data Security Standards (PCI DSS)
On October 1, 2007 the Payment Card Industry Data Security Council released a new security standard known as the PCI DSS (Payment Card Industry Data Security Standard). This standard states, amongst other things, that if credit card data is being captured and permanently stored in databases on web servers then PCI DSS certification is required. Without proper PCI DSS compliance credit cards can not be permanently stored on web servers, nor even accepted online in the first place.
Any company or individual who accepts credit card payments on their website or shopping cart is now required to do so in accordance with the new PCI DSS standards. This means either the website/shopping cart will itself be PCI DSS compliant in its own right or the website/shopping owner will be utilising a PCI DSS compliant and certified real time or manual credit card payment gateway.
When you become a hosting customer of Netports and want to accept credit card payments on your website, Netports will provide you with complinentry extra support and guidence to ensure you are accepting credit cards legally under the new PCI DSS regulations. The bottom line is we have a professional duty of care to ensure you remain safe yourself by doing things legally and in accordance with the new PCI DSS.
The PCI DSS is not a law; however, it is enforceable by the credit card companies through contractual penalties or sanctions. Any person or business that does not comply with the PCI DSS rules now risks heavy fines (anywhere from $10,000 to $500,000) and the suspension of their merchant account facility by their bank. Implications of non-compliance can be very severe indeed. The merchant services or business banking department of any bank will confirm this as will Visa Asia Pacific, Master Card, American Express, etc..
The new Payment Card Industry Data Security Standards were developed by a consortium of credit card providers including Visa, Master Card, American Express, JCB and Diners Club. The organisation is known as the Payment Card Industry Data Security Council.
If you are currently accepting credit cards online by a method you may suspect is not compliant to the new rules of the PCI DSS, we suggest you urgently make contact with your merchant account facility provider (your bank) or Visa Asia Pacific in Sydney to investigate ways to become PCI DSS compliant, or, you could utilise the services of a PCI DSS compliant manual or real time credit card payment gateway.
The Netports Credit Card Non Storage Practice
Netports is committed to ensuring our customers benefit from services that are of the highest possible standard. Ensuring the security and confidentiality of customer credit card data is an extension of this priority. Our use of the e-Path credit card payment gateway means that when you purchase a service from Netports using your credit card, you are dealing with an organisation that provides unparalleled levels of security, in that not one single snippet of information about your credit card will be permanently stored on the internet. This exceptional level of security for the protection of credit card data is in on top of and in addition to that of the PCI DSS.
E-Path is PCI DSS compliant and is arguably one of the safest and most secure credit card payment gateways currently in the world today. A bold claim indeed but backed up by simple logic - that there is no better security or protection for credit card data on the internet than for it not to exist on the internet - if it doesn't exist it can't possibly be stolen!! This supreme level of security and protection for credit card data is a world first for the online e-commerce industry.
Since moving to e-Path to handle all online credit card payment authorisations on this website in November 2005, our merchant account facility (with the ANZ bank) has not recorded one single instance of credit card fraud. "Charge backs" are a thing of the past for us. This is an extraordinary record for an online service provider or e-commerce business of any type and can be attributed to our own order validation practices of which the e-Path system uniquely makes possible for us in the first place.
With Netports your highly confidential and private credit card details will NOT be left permanently stored in a database on a web server accessible on the internet either by us or by our chosen credit card payment gateway - e-Path. Our Credit Card Non-Storage Practice (CCNSP) policy is, we believe, the first of its type for any web hosting operation in Australia and sets a new standard for the safe and secure handling on online credit card payment authorisations.
We are proud to be taking the lead role within the hosting industry here in Australia in making a highly positive contribution to assisting the Payment Card Industry Data Security Council in working towards eliminating the core risks and vulnerabilities that directly lead to credit card fraud.
See:
About e-Path Security
The Payment Card Industry Data Security Council
|
