Scrooz Fasteners Security
We take our security responsibilities very seriously. Here's an idea of what we are doing to ensure you can shop with us in the most secure environment possible. If you have any queries or security concerns at all, please let us know, we'll be happy to answer any queries or concerns you may have.
We do not store credit card information, all credit card transactions are securely submitted through the highly secure and fully encrypted banking system for processing. We never have access to your credit card details nor is it ever stored on our servers, so you have no need to worry that your details could be passed on or hacked when using our store.
We use the latest security technologies to encrypt and deal with your information. With processes audited by a PCI-certified auditor and certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. To accomplish this, we make use of best-in-class security tools and practices to maintain maximum levels of security including :
- Forcing HTTPS for all services using TLS (SSL).
- Continual implementation auditing.
- Using HSTS to ensure browsers interact only through HTTPS.
- Inclusion on Google Chrome and Mozilla Firefox HSTS pre-load security lists.
All credit card numbers are encrypted at rest with AES-256. Decryption keys are stored on separate machines. None of our internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist. Our infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and doesn’t share any credentials with our primary services (API, website, etc.)... so no-one can grab your details... ever.