ACP Web Site Security
Concerned about transmitting personal information over the Internet?
You've probably heard about the rise in Identity Theft over the past five years and may not feel comfortable putting your personal information on the Internet. And like most people, you've probably attributed the increase in identify theft to purchasing items from a Web site.
The truth is that you are no less safe from identity theft when using your credit card at a store. Your credit card information is still being sent electronically to a server that processes the payment and sends back a "valid" or "invalid" reply.
However, there are precautions you can take to ensure the security of your information.
Make sure the web site is secure.
The first thing you should look for on a web site is whether the site is a "secured site". There are third-party vendors, such as Verisign and GoDaddy, that offer Secure Site Certificates (SSL Certificate). By applying a SSL Certificate to a Web site, it will encrypt the information you input so that it is very difficult to determine what information you entered. It will also incorporate a mechanism for detecting any alteration in the data transit, making it almost impossible to eavesdrop or tamper with your information. This is essential for safely transmitting highly confidential information such as credit card numbers.
There are a few tell-tale signs that a Web site uses a SSL Certificate. The first is that the web address displays as "https://" rather than the normal "http://". Another way to detect an SSL certificate is by the little image icon that displays on the browser interface (typically a closed pad lock) to show that the site is protected with a SSL Certificate. You can, in most cases, double-click on that pad lock image to display the certificate information.
A much more telling sign of site security is it will display an image generated by the certifying authority that you can click on to view the certificate information. On the Lifestyle Care Planning site you will see an image displaying from GoDaddy with our certificate information (see below).
What is PCI compliance?
Payment Card Industry Data Security Standards (PCI DSS) are network security and business guidelines adopted by Visa, MasterCard, American Express, Discover Card, and JCB to establish a "minimum security standard" to protect user payment information.
Our payment process
In accordance with PCI compliaince guidelines, we store, transmit and process your payment information as detailed below.
Any information you enter onto this site is encrypted and stored on a secure server. After encrypting your information, we assign a unique identifier to your information. We then send that unique identifier, not the credit card details, to the creditor, to validate your credit card information. The creditor then sends back a "valid" or "invalid" reply based on the unique identifier. If the information comes back as "invalid", we will display a warning message on the screen asking you to correct the information. It is possible that if the mailing address you enter doesn't match what the creditor has on file, that the credit card will come back to us as "invalid".
Your security is our main concern.
Our 24/7 Antifraud Security staff constantly monitor the server. They are specially trained to notice anomalies with user information. If there is an anomaly, we will notify you of any suspicious activity with your user account information.
We hope that we have given you the peace-of-mind to know that your personal information is in good hands. However, if you are still uncertain or feel insecure with providing payment information to us through the Web site, please feel free to contact us
so that we may set up your user account using an offline process.