Service Portal security

Electronic payment transaction data is of particular interest to hackers and criminals, and therefore requires highly stringent security measures. Here, you can find out what PAYONE GmbH is doing to ensure the security of your transaction data and invoices, and how you, the customer, can help to guarantee and improve this.

Certification

Our server is identified and protected by a certificate of a registered certification body. The authenticity of these sites can be checked on the basis of the following security features:

The https encryption symbol

This enables you to tell whether a session is encrypted or not. Before the connection to our Service Portal is established, you will receive (depending on your browser settings) a notification that you are about to establish a secure connection. As soon as secure communication is ensured, the bottom status bar of the browser will display a small, closed padlock. Double-click the symbol to reveal your encryption and key length details.

Warning:

If a padlock does not appear, your data is not being transferred in an encrypted format.

128-bit encryption

We place the highest priority on ensuring the security of your data and transactions. We encrypt all data transferred during session with the best security standard available - 128-bit encryption.

Password security:

Changing your password regularly will provide effective protection against hackers.

It is important to select a secure password. Avoid passwords that are easy to guess, such as "abc", "12345", your date of birth, first name or something similar.

Never use your standard password to access the Service Portal, as some computer programs do not use the necessary level of security to encrypt the password. You should not save your user ID and password on the PC. Never distribute your access data or allow any unauthorised persons to use it for access purposes.

Service Portal use only via

https://my.payone.com

Make sure that your computer is connected to the PAYONE website and is not exchanging data with an unknown third party. To ensure this, enter the Internet address https://my.payone.com in the address field of your browser before beginning to use the Service Portal.

This is the best way to protect yourself against attacks from fake websites. Keep your user ID and password safe. Even the best methods of security are worth nothing if you pass secret access information relating to your main user ID onto third parties, as it is only using these that it is possible for them to access your transaction and invoice data.

Logout button:

If a period of more than 30 minutes passes without any online activity on the Service Portal detected, you will automatically be logged out of the Service Portal. We advise you to log out each time using the logout button.

Protection against phishing:

"Phishing" is a term used to indicate a method of obtaining customer data by means of fraudulent e-mails. These are disguised as serious messages from credit institutes, for example, asking the recipient to update personal details. The user is then guided via a link to a seemingly genuine corporate website, whose appearance is deceptively similar to that of the login page of the actual financial service provider. On this fraudulent site, the user is asked, for example, to update his or her personal details and password(s). Once in possession of sensitive data, criminals will have unrestricted access to your information. PAYONE GmbH states unequivocally that we will never ask you for personal details via e-mail. The only purpose of fraudulent e-mails is to prompt customers to divulge their details.