Security statement
Security statement
The lock icon at the bottom of your screen indicates when you are in a secure section of the St Mark’s website. The St Mark’s secure site uses a 2048-bit GeoTrust Digital Certificate (GeoTrust is a subsidiary of Symantec, please visit the GeoTrust website for more information). This ensures the confidentiality of your information and is also used to help confirm that the server you are passing information to is St Mark’s server. If any other internet user intercepts the communication they will only be able to see it in an encrypted form. When you connect to a secure web server, such as the online shopping area of this website, you are asking that server to authenticate itself. This authentication is quite a complex process involving public keys, private keys and a digital certificate. The certificate tells you that an independent third party has agreed that the server belongs to the company it claims to belong to.
Encryption
St Mark’s uses Transport Layer Security (TLS) encryption for its forms and payment details that are transmitted using the Internet. TLS encrypts web communication, allowing us to take credit card orders and protect sensitive personal information. TLS security makes eavesdropping on secure web traffic almost impossible.
Digital certificates
GeoTrust certificates are compatible with the majority of mainstream browsers including Microsoft Internet Explorer, Mozilla Firefox, Google Chrome and Safari. St Mark’s recommends the use of the most recent browser version available for secure transactions.
Session validity
A session is only valid for a certain period of time after your last activity with the server. If no activity is detected in the set time frame (for example 20 minutes), then your session is logged off and the ‘session cookie’ (login token) is no longer valid. Once your session expires, you will have to log on again to authenticate yourself for another session.
Protecting your personal information
All reasonable steps are taken by St Mark’s to protect a customer’s personal information, in particular, the credit card details supplied by registered St Mark’s users. St Mark’s use state-of-the-art encryption technology to secure the personal information of a website user.
All credit card transactions receive an identification number that is proof of the transaction’s acceptance into the banking system. This identification number can be used to trace any transaction back to the credit card issuer (for example; the bank that issued the MasterCard, or VISA credit card). The result of the credit card payment is normally displayed on the screen within a few seconds.
Credit card information collected from customers who are not registered St Mark’s users, via the online shop payment system, is transmitted immediately into the banking system and is deleted immediately after the transaction has been completed.
