Information Security Policy For Payment
1. Security Commitment:
A card payment system that is issued to operate legally in Vietnam is provided by Payment Gateway Partner (“Payment Gateway Partner“). Therefore, the standards of card payment security at website https://phukiennoihoi.vn/ ensure to follow the industry security standards.
2. Security Regulations:
The transaction policy for Credit Card or Napas Card (Internet banking) ensures to follow the security policy of Payment Gateway Partners, including:
- Financial information of customer is protected during the transaction process using the SSL (Secure Sockets Layer) protocol.
- Certification of payment data security standards (PCI DSS) provided by Trustwave.
- One-time password (OTP) sent via SMS to ensure account access is authenticated.
- Data Encryption Standard (DES) MD5 128 bit.
- Principles and regulations of information security in the banking and financial industry as regulated by the Vietnam State Bank.
- The security policy for transactions on the website https://phukiennoihoi.vn/ applies to customers.
- The company provides token storage facility - only storing the encrypted string provided to the company by the Payment Gateway Partner. The company does not directly store customer card information. Security of customer payment card information is performed by a licensed Payment Gateway.
- For Credit Cards: the customer's payment card information that can be used to establish transactions is not saved on the system of the website https://phukiennoihoi.vn/.Payment Gateway Partner will store and security.
- For Napas Cards (internet banking): the company only stores the order code, transaction code and bank name. The company commits to ensuring strict implementation of necessary security measures for all payment activities performed on the e-commerce trading website https://phukiennoihoi.vn/.