Security and Encryption Protection Assurance

Comodo's business-validated certificate provides the highest SSL encryption for your shopping experience

We provide our customers and visitors with 128-256-2048-bit futureproof security and visual assurance by employing Comodo's business validated SSL certificate, Comodo SSL. This SSL certificate is 2048-bit ready for hackerproof security for years to come. You can be assured that you are interacting with a secure and authentic domain even when you are not in HTTPS session.

Additional benefits of Comodo SSL:

• Protects our customers' sensitive information with the highest 128-256-2048 bit encryption
• 2048-bit ready keeps your certificate secure for years to come
• Strong encryption and high assurance helps build trust

Comodo has invested millions in their Research and Development labs that are consistently working to push boundaries and develop new exclusive technologies that make interacting online a safer venue for everyone. Comodo SSL is a WebTrust/SysTrust certified site. WebTrust is a leading certification authority.

Your transaction is secure from start to finish and we never keep any of your sensisitve payment information on our servers.

www.CelticMysticalJourneys.com  is registered with the Authorize.Net Verified Merchant Seal program.

When you make a purchase at Celtic Mystical Journeys, you will submit your credit card information through an encrypted, secure link to Authorize.net, our Payment Gateway. Authorize.net is the secure go-between that actually authorizes your payment information through our merchant bank, Elavon. Once you click "submit" to send your order through, we only have access to your ordering information and cannot even see your credit card number. Authorize.Net is a payment gateway that enables merchants to accept credit card payments via Web sites, retail stores, mail order/telephone order call centers and mobile devices. In other words, Authorize.Net replaces the traditional credit card swipe machine you find in the physical retail world. They capture our customers’ payment data, including card number and expiration date, from our checkout form and securely communicate with the appropriate financial institutions for processing.

The Authorize.Net Payment Gateway manages the complex routing of sensitive customer information through the electronic check and credit card processing networks. See an online payments diagram to see how it works. (This page will open in a new window for you).

The company adheres to strict industry standards for payment processing, including:

• Secure Sockets Layer (SSL) technology for secure Internet Protocol (IP) transactions.

• Industry leading encryption hardware and software methods and security protocols to protect customer information.

• Compliance with the Payment Card Industry Data Security Standard (PCI DSS).

For additional information regarding the privacy of your sensitive cardholder data, please read the Authorize.Net Privacy Policy. (This page will open in a new window for you).

The Celtic Mystical Journeys website is PCI Compliant and must prove this with strict server/IP security scans which they provide to their merchant bank each quarter.

About the PCI Data Security Standard (PCI DSS)

The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.

The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.

The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized:

Build and Maintain a Secure Network

Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

Requirement 3: Protect stored cardholder data
Requirement 4: Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

Requirement 5: Use and regularly update anti-virus software
Requirement 6: Develop and maintain secure systems and applications

Implement Strong Access Control Measures

Requirement 7: Restrict access to cardholder data by business need-to-know
Requirement 8: Assign a unique ID to each person with computer access
Requirement 9: Restrict physical access to cardholder data

Regularly Monitor and Test Networks

Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes

Maintain an Information Security Policy

Requirement 12: Maintain a policy that addresses information security