Posted on Leave a comment

Get 10% off Coupon Code

Simply enter GET10 coupon code* at checkout to redeem your 10% discount for all your orders. No minimum spend.

Terms & Conditions

  1. The coupon cannot be used in conjunction with other coupons.
  2. The coupon should not apply to items on sale.
  3. There is no minimum or maximum spend
  4. The coupon grants free shipping
  5. One usage limit per user
  6. Coupon expiry date is 30.04.2016
Posted on Leave a comment

GlobalSign SSL

GlobalSign SSL

We use GlobalSign’s SSL Certificates which offers the strongest encryption and value-add features to ensure our website is protected and meets the demands of today’s modern sites. Customers and visitors to our site will know that their browsing session is safe, and that payment details and personal information is kept secure and encrypted.

Strongest & Fastest SSL

GlobalSign provides the strongest SSL encryption available by using SHA-256 and 2048 bit RSA keys.

Universal Device Support

GlobalSign SSL is trusted by every popular browser, application and device. Visitors, no matter what device they use, will automatically trust our SSL security.

Accredited Security Audits

WebTrust accredited CA since 2001 and has been issuing trusted SSL Certificates since 1996 with over 2.5M certificates issued worldwide to date.

 

Posted on Leave a comment

Security Metrics

Security Metrics PCI

Security Metrics

SecurityMetrics is a leading provider and innovator in data security and compliance for organizations worldwide. SecurityMetrics mission? To help organizations comply with financial, government, and healthcare mandates through innovative security tools, caring customer support, and qualified expertise.

Payment Card Industry (PCI)

Payment Card Industry Data Security Standard (PCI DSS) compliance is designed to protect businesses and their customers against payment card theft and fraud. If your business accepts, stores, or transmits card data, PCI DSS compliance certification is required by card brands such as Visa, MasterCard and Discover.

Mini Robin PCI Status: Passing

Mini Robin payment system is Payment Card Industry Data Security Standard (PCI DSS) compliance. Our current PCI Status is passing.

Posted on Leave a comment

Security Infrastructure

Braintree Security Infrastructure

Security is of paramount importance to us. We focus on providing a secure environment that goes above and beyond industry security standards and guidelines. The following is an overview of the steps we take to secure our customers’ most sensitive information.

Validated PCI DSS Compliance

Braintree is a validated Level 1 PCI DSS Compliant Service Provider. We’re on Visa’s Global Compliant Provider List and MasterCard’s SDP List.

Prohibited Data Storage

We never store raw magnetic stripe, card validation code (CAV2, CID, CVC2, CVV2), or PIN block data. Storage of this data is prohibited by the PCI DSS.

Data Encryption

Cardholder data is stored using one of the most advanced encryption methods available. We use multiple encryption keys which are stored on different physical servers. A data thief would not be able to make use of information stolen from a database without also having the key. The data store where cardholder data is kept cannot be connected to via the internet.

Authentication and Session Management

We require all users to authenticate each time they use the application and inactive sessions time out after 15 minutes. Passwords are never stored directly in the database, but are salted and hashed using a slow hash function to increase security. In addition, all communication between merchants and us is conducted in a secure fashion using TLS (Transport Layer Security).

Reliability

We have high redundancy onsite and offsite. Onsite data is mirrored on individual servers using RAID and is also hot synced between servers. Data is also encrypted and backed up off site with an undisclosed third party.

Disaster Recovery

We have geographically diverse data centers.

Activity Observation

All activity by our users or internally by our employees is extensively logged in a tamper-proof fashion.

In addition to having a Web Application Firewall, we engage in the practice of extensive internal code reviews of all the software we develop.

Penetration Testing

At least quarterly, we conduct automated vulnerability scans. In addition, at least once a year we have extended external penetration testing conducted by outside sources.

Securing Access

Our network has been set up in a secure fashion with minimal access to outside networks. Only VPN access is allowed to our servers from whitelisted IPs. Internally, we use segmented networks so only servers which work together can communicate with each other.

We facilitate secured patching and software updates of all our systems, including watching numerous online resources for the latest vulnerabilities.

All of our employees undergo background checks as well as training on relevant security matters that pertain to their job. We also provide guidance to merchants on how to securely interact with our services.