Secure Transactions

At OPENSHOP, we are committed to providing our clients with a secure and trustworthy platform for making essential IT purchases. We understand the importance of safeguarding your financial transactions, and we have implemented robust security measures to ensure that you can make your purchases with confidence.

Data Encryption
We take your online security seriously. When you make transactions on our platform, we use industry-standard encryption protocols, such as SSL/TLS (Secure Sockets Layer/Transport Layer Security), to protect your data. This encryption ensures that all information exchanged between your web browser and our servers remains confidential and cannot be intercepted or tampered with by malicious actors.

Here’s how it works:

• Secure Connection: Your web browser establishes a secure connection with our servers using SSL/TLS protocols, ensuring that your data is encrypted during the entire transaction process.
• Encryption Keys: During the SSL/TLS handshake, your browser and our servers exchange encryption keys and authenticate each other’s identity, guaranteeing the security of the connection.
• Data Protection: All data transmitted between your device and our servers, including sensitive information like payment details, is encrypted. This means that even if intercepted, the data appears as gibberish to unauthorised parties.
• Robust Encryption: We employ strong encryption algorithms, including Advanced Encryption Standard (AES) with 256-bit encryption, to safeguard your information, ensuring that it remains confidential.

Payment Processing
Your payment information is of utmost importance, and we handle it with the highest level of security:

• Certified Payment Gateway: OPENSHOP partners with a reputable and PCI DSS (Payment Card Industry Data Security Standard) compliant payment gateway service provider.
• Secure Transmission: Your payment details are transmitted securely through an encrypted SSL/TLS connection, guaranteeing the confidentiality of your financial information.
• Tokenisation: We use tokenisation to protect your data. Instead of storing your full credit card number, a unique token is generated and securely stored. This token can be used for future transactions without exposing your actual card details.
• Multi-Factor Authentication: To ensure that only authorised users can make payments, we implement multi-factor authentication and verification mechanisms, including password authentication, biometric verification, and one-time password (OTP) validation.
• Compliance: OPENSHOP is committed to complying with data protection regulations, including the General Data Protection Regulation (GDPR). We adhere to strict data protection practices to safeguard your payment information in accordance with legal requirements.
• Security Audits: Our payment processing systems undergo regular security audits, assessments, and penetration testing to identify and address potential vulnerabilities.

Data Storage
We follow data minimisation principles, meaning we only retain the minimum amount of payment data necessary:

• Encrypted Storage: Payment data, including credit card numbers and sensitive billing information, is securely stored in encrypted databases and servers.
• Tokenisation Continues: Tokenisation is also used for data storage, ensuring your data remains protected.
• Access Control: Access to payment data is strictly controlled and limited to authorised personnel with specific job functions.
• Retention Periods: We define specific data retention periods based on legal requirements and business needs. Typically, payment transaction records are retained for seven years, as mandated by tax and financial regulations.
• Data Deletion: Once the defined retention period expires, payment data is securely and permanently deleted from our systems.

Transaction Security Measures
We employ various security measures to protect your transactions:

• Fraud Detection Systems: Advanced fraud detection systems use machine learning and AI algorithms to identify potentially fraudulent transactions, analysing patterns and behavior.
• Address Verification: We use address verification services (AVS) to compare the billing address provided during the transaction with the address on file with your payment card issuer.
• CVV Codes: CVV codes are required during transactions to ensure you have physical possession of the card.
• Geolocation and Device Fingerprinting: We use IP geolocation and device fingerprinting technology to detect unusual or high-risk transactions.
• Real-Time Monitoring: Our systems continuously monitor transactions to identify and prevent suspicious or fraudulent activity.
• CAPTCHA Challenges: CAPTCHA challenges are employed to prevent automated bots from accessing the platform during registration and login processes.
• User Verification: Users may be required to confirm their transactions through email verification or SMS codes.
• Session Management: Robust session management practices ensure secure user sessions throughout the transaction process.
• Logging and Auditing: All transaction activities are logged and audited for comprehensive monitoring and forensic analysis.

Compliance with Regulations
We are fully committed to complying with relevant regulations:

• PCI DSS Compliance: OPENSHOP adheres to PCI DSS standards for secure handling of payment card data. We regularly undergo assessments to validate our compliance.
• GDPR Compliance: OPENSHOP complies with the General Data Protection Regulation (GDPR) and other relevant data protection regulations, ensuring that your data, including payment data, is handled in accordance with legal requirements.
• Local Regulations: We stay informed about changes in Greek legislation related to secure transactions, financial data handling, and consumer protection. We adjust our practices to remain compliant.

Contact Information
If you have any questions or concerns regarding transaction security, please don’t hesitate to contact us at support@openshop.gr. Your security and peace of mind are our top priorities.