Security at Pharmacy2U
At Pharmacy2U we take the issue of online security very seriously in order to protect our reputation as the UK's longest established online pharmacy. Below is information about some of the measures we take to ensure that your shopping experience with us is as safe as possible. We've also provided, at the bottom of this page, some answers to questions that some of our customers have asked us.
Compliance
We are registered in compliance with the Data Protection Act, Registration No. Z714211X.
Security Policy
We utilise a secure server encryption method to securely transfer all credit or debit card details and customer information. This is provided by GeoTrust. We have had no reports of any customers using a credit card to purchase at Pharmacy2U and subsequent acts of fraud being commited having used details illegally obtained via our site.
Secure server
We use a secure server which encrypts your credit card information during transmission from the webpages to our database. A secure server webpage is different to a normal webpage. You will know you are on a secure webpage because the padlock (on explorer at the bottom and on navigator on the top toolbar) will be highlighted and closed. The web address will also change to indicate a secure server, so that it now starts with https://. When this happens you will know that any information you type into that page will be encrypted when it is sent out.
Encryption is used when you register or login to the website and when you are on the final purchase (checkout) page. If, however, you visit Pharmacy2U from another website such as Freeserve then a padlock will not be displayed in your Internet browser due to the Freeserve menu bar at the top of the screen. It is because of this bar the browser will not display a padlock, even though when you order the website uses https:// to send the details. If you came straight to www.pharmacy2u.co.uk then this would show a padlock when an order was placed.
What level of encryption do we use?
We use 128bit SSL (secure socket layer) level encryption which is one of the most advanced encryption technologies available today. This is provided by Geotrust.
Any information sent over the Internet is encrypted into an unbreakable code before it is sent. This ensures that no third party can intercept and decipher your personal information. It is certainly much safer than giving your credit card in a restaurant or mail order over the phone.
Do you keep my Credit Card details?
Your credit card details are transferred over a highly secure VPN (Virtual Private Network) to our authorisation server which is not directly connected to the Internet. Your credit card details are then entirely deleted from our systems after the transaction has been completed.
If you have chosen to store your card details, these are stored on our database in a highly encrypted and complex format. (This G~²ï@N¤é5ÛꪶC%¦>vr±°º9C6ÎçQKX¶C¦>v&| is an example). We only display the last 4 digits of your card on the website, and always require entry of the security number for each transaction. This means that, in the unlikely event of someone accessing your account, they would not be able to make a purchase using your stored card information.
What about Server and Firewall security?
Our database servers, where your personal details are stored, are not accessible from the internet and are monitored 24hrs. They are continually updated to have the latest versions of software ("patches") providing the highest levels of security and reliability available for those systems.
Pharmacy2U have invested in the highest standard firewalls available which are the same as used by many banks and telecom companies. These are dedicated hardware devices which deter and prevent hackers from reaching our systems. In the interests of security we do not provide details of these to third parties.
Questions
Q: Why don't you use a secure server on the product and basket pages within your site?
A: Simply because it is not required. This is akin to browsing within a supermarket and putting items in your trolley or basket - there is no risk at all. We use a secure server only where it is required (checkout and account) because using it slows down the speed of the website and therefore would not be appropriate for normal pages.
Q: What physical security do you have?
A: Our web and database servers are held in a totally secure purpose-built location with access only available to authorised and validated personnel using advanced code and fingerprint identification. There is 24 hour security and CCTV monitoring.
Q: I'd like some further reassurance.
A: Our security platform has been independently evaluated and reviewed by Devoteam Frontrunner, an established and trusted company specialising in large corporate networks and security. Our web hosting company also has a specialist security consultancy onsite at their premises. Pharmacy2U were part of the first consortium to launch ETP, a national pilot authorised by the NHS, and our security within this is being evaluated by QinetiQ, the former UK Government technology agency.
If you have any further questions please feel free to email Pharmacy2U's Internet Manager Steven Dobson
V1.4 Last updated 30/01/03
Email Newsletter
Receive our latest offers and news direct to your email account
All content of this web site is for information purposes only and is not a substitute for professional medical advice; rather it is designed to support, not replace, the relationship between you and your healthcare providers. You should make sure that you carefully read all product packaging and labels prior to use. If you have, or suspect you may have, a health problem you should consult your doctor. Please consult your doctor before taking any new product, particularly if you are already under medical care. For more information view our Terms & Conditions © Pharmacy2U Ltd 2000 - 2007.
 |
|
|