Payment Security Policy
Purpose
The Payment Security Policy of Toanthangcar.com ("TOANTHANG") is established to protect customer payment information. Our payment system connects with licensed Payment Gateway Partners in Vietnam such as VNPay, Cybersource, Payoo, etc. We ensure compliance with security standards set by organizations such as the State Bank of Vietnam and the Payment Gateway Partners who assess and authorize these practices.
Specific Regulations
TOANTHANG adheres to the following security standards:
- SSL (Secure Sockets Layer) for internet data security.
- Payment Card Industry Data Security Standard (PCI DSS) certification provided by Trustwave.
- 256-bit SHA encryption standard.
- One-time password (OTP) sent via SMS or 3D Secure encryption of Visa and MasterCard to authenticate accounts (confirmed by Visa and MasterCard for security).
- Security principles and regulations for information in the banking and financial sector as regulated by the State Bank of Vietnam.
TOANTHANG's Payment Security Policy applies to Customers as follows:
- TOANTHANG provides a token storage utility – only storing strings that have been encrypted by the Payment Gateway Partner. TOANTHANG does not store customer card information; this information is secured by the Payment Gateway Partner.
- For international cards: Customer payment information is not stored on TOANTHANG’s system. This information will be stored and secured by the Payment Gateway Partner.
- For domestic cards (internet banking): TOANTHANG only stores the order code, transaction code, and the name of the bank.
Commitment
TOANTHANG commits to rigorously implementing necessary security measures for all payment activities on Toanthangcar.com.