eCredable Security Policy

Security is our #1 priority.

eCredable takes your security seriously.

Below is a summary of the measures eCredable takes to protect your information and descriptions of the ways we implement these measures.


eCredable Security Measures

Secure Socket Layer (SSL)

eCredable.com SSL certificates support both industry-standard 128-bit which is used by banks to safeguard sensitive data and high-grade 256-bit SSL encryption to protect online transactions. The actual encryption strength on a secure connection is determined by the user’s browser and the server that the website resides on. Encryption strength is measured in key length or the number of bits in the key. To decipher an SSL communication, one would need to generate the correct decoding key. 128-bit and 256-bit keys involve 2,128 and 2,256 possible combinations respectively, rendering the encrypted data virtually impossible to crack by an unauthorized party.

Read more about SSL here on Wikipedia:  http://en.wikipedia.org/wiki/Secure_Socket_Layer

Click on the "GoDaddy.com Secured" icon below or in the footer and you'll see the validity of our site SSL security.  It reads, "This Web site is secured with a GoDaddy.com Web Server Certificate and GoDaddy.com has verified that the Certificate is valid."


PCI Compliance

eCredable uses a leading provider of Payment Card Industry compliance (PCI compliance) and security solutions focused to combat new security threats and fraudster methods. Payment Card Industry Data Security Standards (PCI DSS) are network security and business practice guidelines adopted by Visa, MasterCard, American Express, Discover Card, and JCB to establish a “minimum security standard” to protect customer’s payment card information. It’s a requirement for all websites that store, transmit, or process payment card information. eCredable adheres to PCI (payment card industry) compliance standards for data security. We have partnered with Trust-Guard.com who is a leading provider of PCI compliance and security solutions. Our PCI compliance is a multifaceted security standard that includes requirements for security management, policies, procedures, website and network design, and other critical protective measures. This comprehensive standard is intended to proactively protect member account data. In order to say we are "PCI Compliant", eCredable's website must pass a thorough weekly scan more than 45,400 known vulnerabilities, in accordance with PCI Security Standards.


Payment Gateway Security

You can be confident in knowing that eCredable.com is a verified Authorize.Net merchant. Authorize.Net is committed to providing its merchant customers with the highest level of transaction processing security, safeguarding customer information and combating fraud. More merchants trust Authorize.Net than any other payment gateway to process their eCommerce transactions securely. For more information about the benefits of Authorize.Net’s secure transaction processing, please visit the Authorize.Net Web site.


Cloud Computing Security

Our platform utilizes a highly scalable cloud computing solution where security, speed, reliability and availability are essential.  State of the art security measures are designed directly into the eCredable.com platform.  This core-level security paradigm ensures end-to-end data protection and regulatory compliance.  Our platform employs such measures as Tier-One Hosting, Tier-One Firewalls, high-level data warehouse encryption, isolated databases through data management application layers, controlled session times, on-screen encrypted passwords with challenge and response user-security measures as well as numerous other industry best practices. This innovative hosting technology also allows for the capacity to expand and contract during different traffic levels, with 99.95% uptime.