- General Store /
- Secure payment
We pay particular attention to the security of your credit card payments:
Cards we accept
We accept Visa and Master Card. Preparing your order begins as soon as your payment is accepted by our bank. Debiting the account is made at the time of the shipment of the order (excluding exceptional reaching the incompressible time limit imposed by our bank: 10 days).
Your credit card number is precious ...
On some websites, when checking your order, they simply ask you, on the website itself, to provide your credit card number and expiration date. On some others, it's the same thing but it tells you that the payment is "secure". However you find that you are still on a page of the website itself, just in the address bar http:// ... turned into https:// ...
In both cases the problem is the same, your credit card number is transmitted directly to the merchant who will use it in his establishment, via a conventional payment terminal, to charge you by sending it to his bank with the sum involved .
So nothing prevents some employees of the trader to have access to this No., or that the database of that merchant is hacked (this has already been seen with blackmail). The security of your credit card number then depends on the management and securities that the merchant sets up, with respect to its staff and towards the outside (without questioning his honesty).
When payment is simply "secure" (SSL or other), it means that the transmission of your Card number is encrypted to the site. It's a little better than nothing, because it means that your number cannot be intercepted on line (case rather improbable, in fact). But the problems mentioned above are possible.
On a-et-a.com we adopted another solution
Upon payment you switch on a page counter to our bank CyberMut provider (a Credit Mutuel Service). So it is directly to the bank that you give your credit card information via a virtual payment terminal and secured with SSL (encrypted transmission). On our side we have sent to the bank the order number and the amount to charge you. We've no access to your credit card number via this system. If you absolutely want to call it us (some customers ask us) we will try to dissuade you for security reasons mentioned above.
So if you accept our payment method directly through our siteonly the bank accesses your card no to process the transaction, which it used to do for all your card payments, including your usual merchants near your home. It has safety systems that go far beyond what can ensure you an ordinary website.
No doubt you'll be faced with the security system enhanced 3D Secure set up by banks for internet regulation. Upon payment, our bank will switch on an interface of your bank so you can identify you.
According to the bank issuing the card, the authentication methods vary:
- Crédit Mutuel: client must authenticate itself with its online banking login, then enter a code written on his "personal key card" (a grid of 64 4-digit codes in which you must draw the correct code depending on the line and column requested by the website).
- Banque Postale, Axa Banque and Caisse d'Epargne: the customer must indicate his date of birth.
- BNP Paribas: a code is sent by SMS.
- Société Générale: a code is sent by SMS.
- Crédit Agricole and LCL: the client must specify a personal password, created during the first use.
- BRED Banque Populaire: an authentication key Ip@b, credit card size CD.
- Groupama Banque: the customer must provide their name, postcode of residence and date of birth.
Payment is accepted by your bank if authentication has been successfully verified.
But it's needed that your bank has implemented the process with you in your contract.
If this is not the case please contact your bank who will explain the procedure.
However, if you insist to pay directly by providing us your credit card number by phone (+33 (0) 240200092), it will be used live to feed our (physical or virtual) payment terminal connected to our bank and will never be stored in our databases.