ASIC is Australia’s corporate, markets and financial services regulator. ASIC contributes to Australia’s economic reputation and well being by ensuring that Australia’s financial markets are fair and transparent, supported by confident and informed investors and consumers. ASIC is an independent Commonwealth Government body.

They are set up under and administer the Australian Securities and Investments Commission Act (ASIC Act), and they carry out most of their work under the Corporations Act.

The Australian Securities and Investments Commission Act 2001 requires ASIC to: maintain, facilitate and improve the performance of the financial system and entities in it promote confident and informed participation by investors and consumers in the financial system administer the law effectively and with minimal procedural requirements enforce and give effect to the law receive, process and store, efficiently and quickly, information that is given to ASIC make information about companies and other bodies available to the public as soon as practicable.

Overview of PCI DSS

PCI DSS (Payment Card Industry Data Security Standards) was developed by the major credit card companies to assist merchants in preventing credit card fraud and to improve security around processing and storing credit card details.

PCI DSS compliance is an important standard for any organisation storing, processing or transmitting credit card data to have and maintain. It ensures that sensitive customer data and the security of all systems that have access to this sensitive information is maintained and secured at all times.

What is malware?

Malware is short for malicious software and also known as malicious code. Hackers exploit security weaknesses on servers to gain access to a Web site and install malicious code. They use the Web site to spread viruses, hijack computers and steal sensitive data such as credit card numbers or other personal information. Malware code is not easily detected and may infect customers’ computers when they visit a Web site.

 

How do I know if a Web site is free of malware?

Malicious code is hidden in the source code of a Web site and can be difficult to detect without line-by-line analysis. Some malware is activated by the display of a page and may not be detected without behavioral analysis of your code using a browser simulator. When a Web site has a VeriSign® SSL Certificate, it includes a daily malware scanning service for public Web pages. If malware is detected, we will be directed to a list of infected pages and notified of the code causing the problem. Once we have deleted all instances of the code, we can request that your site be rescanned within 24 hours.

 

How does Hot's customer know the Web site is free of malware?

The VeriSign Trust Seal only displays after a successful malware scan. If our site fails a malware scan, the seal switches to the VeriSign Secured® Seal which indicates that encryption is available and authenticates our business entity. When customers see the VeriSign Trust Seal, they know hot.com.au is committed to keeping them safe and they can click the trust mark to see the status of our malware scan. Now hot.com.au customers have assurance through the VeriSign Trust Seal.

Encryption Protects Data During Transmission

Web servers and Web browsers rely on the Secure Sockets Layer (SSL) protocol to create a uniquely encrypted channel for private communications over the public Internet. Each SSL Certificate consists of a public key and a private key. The public key is used to encrypt information and the private key is used to decipher it. When a Web browser points to a secured domain, a level of encryption is established based on the type of SSL Certificate as well as the client Web browser, operating system and host server capabilities. That is why SSL Certificates feature a range of encryption levels such as "up to 256-bit".

Strong encryption, from 128 up to 256 bits, can calculate at least 288 times as many combinations as 40-bit encryption. That’s over a trillion times stronger. At current computing speeds, a hacker with the time, tools and motivation to attack using brute force would require a trillion years to break into a session protected by an SGC-enabled certificate. To enable strong encryption for most site visitors, choose an SSL Certificate that enables at least 128-bit encryption for 99.9% of Web site visitors.

True 128-256 bit SSL Certificates*

Credentials for establishing identity are common: a driving licence, a passport, a company badge. SSL Certificates are credentials for the online world, uniquely issued to a specific domain and Web server and authenticated by the SSL Certificate provider. When a browser connects to a server, the server sends the identification information to the browser. *Depends on browser, 128 is minimum. To view Web site credentials:

• Click the closed padlock in a browser window
• Click the trust mark (such as the VeriSign Trust™ Seal)
• Look in the green address bar*

*Only SSL Certificates with EV trigger high-security Web browsers to display the organisation name in a green address bar. In this case the Parent company of hot.com.au.

Authentication Generates Trust in Credentials

Trust of a credential depends on confidence in the credential issuer, because the issuer vouches for the credential's authenticity. Certificate Authorities use a variety of authentication methods to verify information provided by organisations. VeriSign, the leading Certificate Authority, is well known and trusted by browser vendors because of our rigorous authentication methods and highly reliable infrastructure. Browsers extend that trust to SSL Certificates issued by VeriSign.

SSL and More in a Single Solution

New features available with all VeriSign® SSL Certificates do more than secure transactions and establish trust online. The new VeriSign Trust™ Seal, VeriSign Seal-in-Search™ technology, and daily Web site malware scanning work together with our premium SSL Certificate to help assure customers that our site are safe.