Security is probably one of the most significant concerns for both the shopper and the retailer during an online transaction. In reality, an online transaction is probably more secure than a card transaction in a shop or conducted over the telephone or by fax, as the information transmitted online is strongly encrypted using complicated logarithm combinations.

Touched by Scotland Ltd. use PayPal to process credit and debit card transactions. Touched by Scotland Ltd. do not store your credit card details. The following information is taken from the PayPal support area:

The PayPal payment system uses a combination of both established and innovative techniques to ensure the security and integrity of all sensitive data. Furthermore, our public web servers are certified by Verisign, a public Certificate Authority, ensuring that both the shopper and retailer can have confidence that nobody can impersonate PayPal to obtain confidential information.

Transaction Encryption
The transfer of the purchase details from the retailers site to PayPal are encapsulated using our own encrypted and digitally-signed protocol. This uses a combination of standard methods such as PGP, RSA and MD5 to ensure that the information passed is secure and tamper-proof via SSL. See Purchase Token Security for details.

Security for the Shopper
Any communication between the shopper and PayPal is also encrypted to the maximum strength supported by the shopper's browser using 128 Bit SSL. Shoppers are also protected from fraudulent use of their card in a "card not present" environment, by their card issuers. The card issuers provide the right for shopper to dispute a transaction if the goods/services did not arrive or if the card was used fraudulently.