Security of your credit card data
The PictureCode website uses the Authorize.net payment gateway to authorize and process credit card transactions. Authorize.net is a subsidiary of Visa and one of the largest processors of Internet credit card transactions.
Your credit card number never actually transits through any PictureCode server. Instead, it is sent directly from your web browser to Authorize.net, using a procedure called the "Direct Post Method". It works like this:
- On the "Review and Pay" page of the order process, the PictureCode server sends a form to your web browser to collect your credit card information.
- You fill out the form in your browser.
- When you submit the form, it is transmitted directly to a server at Authorize.net using an encrypted (https/SSL) connection. The form is not submitted to PictureCode.
- After your credit card is approved and charged, the Authorize.net server contacts the PictureCode server with the results of the transaction. It does not send any credit card data.
- The PictureCode server generates emails for the license key and receipt, using information you entered earlier in the order process.
- Using some special HTML and/or JavaScript code, your web browser is pointed back to the PictureCode server and browsing session, so it appears as though you never left our site.
In this scheme, PictureCode never sees your credit card data and we have no way to store any credit card data. So, even if our server is breached, a hacker will not be able to access any stored credit card information.