What We Do
At ReliaBills, our ability to help you manage and grow your business is meaningless if we cannot protect your and your customers’ information and privacy. Communications with our billing and invoicing systems are encrypted using the TLS 1.2 protocol with 256-bit/128-bit keys, and we use SHA-256 certificates, ensuring that our users have a secure connection from their browsers to our service. All user payment and transaction information is stored behind firewalls with constant monitoring and accessed via secure protocols. All credit card numbers are tokenized and account information is stored in a PCI DSS compliant network. Want to know what all that means? Keep reading.
What is TLS encryption?
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both of which are frequently referred to as 'SSL', are cryptographic protocols designed to provide communications security over a computer network. Several versions of the protocols are in widespread use in applications such as web browsing, email, Internet faxing, instant messaging, and voice-over-IP (VoIP). Major web sites use TLS to secure all communications between their servers and web browsers.
What is PCI DSS?
PCI stands for Payment Card Industry, and DSS stands for Data Security Standard. Together, PCI DSS is a standard of rules and regulations identified by the credit card industry for how personal data is to be collected and stored by merchants. The standard was created to increase controls around cardholder data to reduce credit card fraud and theft. A business must comply with these rules if it wants to be able to accept credit cards as a form of customer payment.
What is Tokenization?
When an order is taken and a credit card number is entered into an order form, tokenization is the process of replacing the credit card number in real time with a unique, randomly generated identification symbol or value (token) that retains all the essential information about the data without compromising its security. Since the token is not an actual account number, it can't be used outside the context of a specific unique transaction with that particular merchant. Tokenization minimizes the amount of data a business needs to keep on hand.
What YOU Can Do?
An application is only as safe as the person using it. In addition to all of the things that we do, there are things that you can and should do as well:
- Keep your login information confidential
- Create strong passwords. Passwords such as 12345 or abcde are dangerously weak and easy to guess. Also, avoid using personal information that is publicly available (your maiden name, your high school, children’s names and/or birthdates, etc.)
- Change passwords at least once a year
- At work, do not leave your workstation unattended while logged in.