Security & Payment

 About Payment Gateway

website security


paypal

 


At PayPal, we put people at the center of everything we do. Founded in 1998, we continue to be at the forefront of the digital payments revolution, processing almost 11.6 million payments for our customers per day. PayPal gives people better ways to connect to their money and to each other, helping them send money without sharing financial information and with the flexibility to pay using their PayPal account balances, bank accounts, PayPal Credit and credit cards. With our 165 million active customer accounts, we have created an open and secure payments ecosystem people and businesses choose to securely transact with each other online, in stores and on mobile devices. PayPal is a truly global payments platform that is available to people in 203 markets, allowing customers to get paid in more than 100 currencies, withdraw funds to their bank accounts in 57 currencies and hold balances in their PayPal accounts in 26 currencies. PayPal is an eBay Inc. (Nasdaq: EBAY) company. In September 2014, eBay Inc. announced the planned separation of eBay and PayPal into independent publicly traded companies in 2015. More information about PayPal can be found at www.paypal.com and www.paypal-media.com. More information about the planned separation of eBay and PayPal can be found at update.ebayinc.com.

Company’s Founding Date
December 1998

Corporate Headquarters
2211 North First Street
San Jose, California 95131

Web Site Address
www.paypal.com

Worldwide Operations
12312 Port Grace Boulevard
La Vista, Nebraska 68128

 


stripe

 Stripe is the best way to accept payments online and in mobile apps. We handle billions of dollars every year for forward-thinking businesses around the world.

Who we are

We think that building an internet business is a problem rooted in code and design, not finance. Our developer-friendly APIs let our users focus on building great products.

We love the web, and care deeply about beautiful code, APIs, and documentation. We really like startups and building products—the people at Stripe have previously helped start Skype, Lala, Act Blue, Kickoff, Interstate, Auctomatic, Encyclopedia, GazeHawk, and Wesabe.

Stripe’s investors include Sequoia Capital, Andreessen Horowitz, and PayPal co-founders Peter Thiel, Max Levchin, and Elon Musk.


 

About Security

Dreamsweek is 100% covered with https protocol

What is SSL?

Secure Sockets Layer (SSL) is a protocol for enabling data encryption on the intranet and for helping web site users confirm the owner of the web site. SSL is most commonly used to protect communications between web browsers and servers. However it is increasingly used for server to server communications and for web-based applications.

What is encryption and why are there different levels?
Encryption is a mathematical process of coding and decoding information. The number of bits (40-bit, 56-bit, 128-bit, 256-bit) tells you the size of the key. Like a longer password, a larger key has more possible combinations. When an encrypted session is established, the encryption level is determined by the capability of the web browser, SSL certificate, web server, and client computer operating system.

The Comodo companies change the infrastructure that is essential in enabling e-merchants, other Internet-connected companies, software companies, and individual consumers to interact and conduct business via the Internet safely and securely. The Comodo companies offer PKI SSL, Code Signing, Content Verification and Email Certificates; award winning PC security software; vulnerability scanning services for PCI Compliance; secure email and fax services. Continual innovation, a core competence in PKI, and a commitment to reversing the growth of Internet-crime distinguish the Comodo companies as vital players in the Internet’s ongoing development. Comodo secures and authenticates online transactions and communications for over 200,000 business customers and 10,000,000 users of our desktop security products. For additional information on Comodo – Creating Trust Online™

visit www.comodo.com

 

website security
SITELOCK – MALWARE SCANNING

What is it?
Malware, short for malicious software, can be installed on your website by hackers who are able to find weaknesses on your web server. A typical website may have thousands of potential vulnerabilities for malware injection.

What is the impact?
Once placed on a website, malware can then be used to spread viruses, steal personal or financial data, and even hijack computers. It is not easily detected and may infect your customers’ computers after they visit your website. Ultimately, this negatively affects your company’s reputation and can result in lost business.

How does SiteLock® protect me?
SiteLock malware scanning technology reviews all of the files and applications on your website and compares them against industry standards, as well as our proprietary sources, to detect any malware that has been inserted in your website code. If we identify website malware or a virus on your site during your daily SiteLock scans, we will notify you immediately via email. Your SiteLock dashboard will show a list of infected pages, and our Expert Services team can help you remove it so you can maintain your secure reputation.

What can I do about it?
Malware protection prevents hackers from using your website to distribute virus-infected software to your visitors and customers. Use a website scanning service that includes daily malware scanning, such as any of our complete website security solutions (SecureStarter, SecureSpeed®, SecureSite®, etc) as well as SiteLock Professional, Premium or Enterprise scanning plans.


 

website security

 

Unique Security Encryption Key
This website takes advantage of a “Unique Security Encryption Key” (running in combination with the s2Member® software application and WordPress®, a PHP framework). This Unique Security Encryption Key works to further protect all User/Member accounts from being accessed or abused by hackers. This website’s Unique Security Encryption Key, allows it to operate with a unique instance of the s2Member® software application (i.e. slightly different from other sites on the web, possibly using s2Member® as well). As a consumer, this protects you! Sites like this one, using a Unique Security Encryption Key with s2Member®, along with randomly generated Salt Keys, and other WordPress® security standards; greatly reduces the risk of someone stealing and/or sharing your personal information. Security Encryption Keys are also used in some data storage routines, and extensively in Cookie-based authentication, to further safeguard your information during server-based sessions.

Brute Force Login Protection
In cryptography, a Brute Force Attack is a strategy that can, in theory, be used against any encrypted data, by an attacker who is unable to take advantage of any other weakness. One example of a Brute Force Attack, occurs when multiple/repeated logins are strategically attempted with various username/password combinations, until a correct guess is made. This website takes an important step to further protect your account from being hacked, by implementing what’s known as “Brute Force Login Protection”; made possible by the s2Member® software application. s2Member® thwarts this behavior by monitoring failed login attempts that occur within a short period of time. When/if s2Member® detects an IP address (i.e. a remote User), who is consistently failing to enter a valid username/password, a temporary ban is created; preventing additional attempts from taking place for several minutes (or even hours), as configured by the site owner.

Unique IP Access Restrictions
As with any website granting account access through a username/password combination, it is possible for one User to signup, and then share their username with someone else; or even post it online for the whole world to see. This is known as “link sharing” (aka: “username sharing”). This website takes an important step toward preventing this bad behavior; both for consumer safety, and for the safety of the site itself; along with associated products/services made available. The s2Member® software application assists in this regard. With s2Member®, a single username, access link, and/or entry point, is only valid for a certain number of unique IP addresses, as configured by the site owner. When/if an upper limit is reached, s2Member® will assume there’s been a security breach. At that time, s2Member® will ban (i.e. prevent access) to a specific URL, and/or to an entire account associated with a particular username.

One-Way Password Encryption
This website stores passwords with a One-way Encrypted Hash, using only a “hashed” version of your password for future comparison. This means that your plain text password is not stored anywhere, and therefore cannot be stolen and/or shared through this website. Only an encrypted “hash” is known, with no way to decode the actual value of the password itself (e.g. a One-way Encrypted Hash). This One-way Encrypted Hash allows the site to verify a cryptographic hash algorithm, and if the hash value generated from your entry ( during an attempt to log in ) matches the One-way Encrypted Hash stored in the password database, you are permitted access. The One-way Encrypted Hash value is created by applying a hash function (using cryptographic methodologies) to a string consisting of the submitted password, and another value known as a Salt. The Salt is unique to this site, and it prevents attackers from easily building a list of One-way Encrypted Hash values for common passwords.