Our online membership subscriptions and payments are managed by Stripe, one of the largest financial services companies for online transactions. Stripe has been audited by a Payment Card Industry (PCI) — certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry.

Stripe ensures secure communications (referred to as Hypertext Transfer Protocol Secure, or HTTPS) using Transport Layer Security (TLS) for all of its services. All card numbers are encrypted and decryption keys are stored on separate machines. None of Stripe’s internal servers or daemons can obtain plaintext card numbers. Stripe’s infrastructure for storing, decrypting and transmitting card numbers runs in a separate hosting environment, and doesn’t share any credentials with Stripe’s primary services, such as their website.

The Battersea Society limits access to order information to a small number of administrators, most of whom are Battersea Society trustees. Only the last four digits of members’ cards are recorded in the order information to which these administrators have access and they have no access to any other card information.

The Battersea Society website itself is also secured by HTTPS. The viewer’s connection to the website is encrypted, which prevents potential attackers from accessing or impersonating the site.