Security statement

Security statement

The lock icon at the bottom of your screen indicates when you are in a secure section of the ActewAGL website. The ActewAGL secure site uses a 2048-bit GeoTrust Digital Certificate (GeoTrust is a subsidiary of Symantec, please visit the GeoTrust website for more information). This ensures the confidentiality of your information, and is also used to help confirm that the server you are passing information to is ActewAGL's server. If any other internet user intercepts the communication they will only be able to see it in an encrypted form. When you connect to a secure web server, such as the ePayPlus area of this website, you are asking that server to authenticate itself. This authentication is quite a complex process involving public keys, private keys and a digital certificate. The certificate tells you that an independent third party has agreed that the server belongs to the company it claims to belong to.

Encryption

ActewAGL uses Transport Layer Security (TLS) encryption for its forms and payment details that are transmitted using the Internet. TLS encrypts web communication, allowing us to take credit card orders and protect sensitive personal information. TLS security makes eavesdropping on secure web traffic almost impossible.

Digital certificates

GeoTrust certificates are compatible with the majority of mainstream browsers including Microsoft Internet Explorer, Mozilla Firefox, Google Chrome and Safari. A full listing of compatible browsers is available here. ActewAGL recommends the use of the most recent browser version available for secure transactions.

Session validity

A session is only valid for a certain period of time after your last activity with the server. If no activity is detected in the set time frame (for example 20 minutes), then your session is logged off and the 'session cookie' (login token) is no longer valid. Once your session expires, you will have to log on again to authenticate yourself for another session.

Protecting your personal information

All reasonable steps are taken by ActewAGL to protect a customer's personal information, in particular the credit card details supplied by registered epayplus users. ActewAGL use state-of-the-art encryption technology to secure the personal information of a website user.

All credit card transactions receive an identification number that is proof of the transaction's acceptance into the banking system. This identification number can be used to trace any transaction back to the credit card issuer (for example; the bank that issued the MasterCard, or VISA credit card). The result of the credit card payment is normally displayed on the screen within a few seconds.

Credit card information collected from customers who are not registered epayplus users, via the ad hoc online payment system, is transmitted immediately into the banking system and is deleted immediately after the transaction has been completed.

November 2016