You Are Paying Safely On The Internet

Safely pay by credit card online using e-PathThe website you have just come from utilises the e-Path credit card payment gateway to accept credit card charge authorisations from its online customers.

When paying by credit card online via e-Path you are utilising a new generation payment gateway engineered from the ground up to remove much of the vulnerability and risk that has plagued the online e-commerce industry since it first started.

Without permanently electronically storing your credit card, transaction or identity details within its systems, e-Path achieves a level of security that is unmatched within the online credit card payment industry. Quite possibly your credit card details have never before been so secure.

Here is exactly why and how e-Path finally changes things for the better for ....

You, The Cardholder The Business Owner Banks (merchant accts) Credit Card Vendors
The overwhelming majority of credit card and identity data theft in the world today can be traced back to highly sensitive credit card and identity details being compromised when permanently stored online, in databases, storage systems, on networks and other types of similar systems.

Subsequently, astronomical amounts of money is spent each and every year in the continuing struggle, day after day, to protect permanently stored credit card details and highly confidential identity information from 'hackers' and 'cyber criminals' on the internet.

To the heartbreak of cardholders and online businesses all over the globe, 'hackers' and 'cyber criminals' are still managing to breach even the strongest of security defences ....

More than 100 million credit cards may have been compromised in data breach
Credit card breach exposes 40 million accounts
40M credit cards hacked
40 million credit cards exposed
Visa confirms another payment processor breach

Despite the well known and recognised risks the practice of permanently and electronically storing credit card details, transaction data and highly sensitive identity information online, in databases, storage devices and within networks remains a fundamental function of mostly all online credit card payment processing methods and many e-commerce websites still to this day. They can't do much about it as this is how the automated internet based card processing system has been designed from the beginning.

But the new e-Path payment gateway is different. Very different.

e-Path has been engineered to remove the need to permanently store highly sensitive credit card, transaction and identity details and subsequently is the first gateway of its type to terminate, by design, the core reason why critically sensitive credit card details and highly confidential identity information potentially becomes available to be compromised, hacked into, copied or stolen in the first place.

When you pay by credit card online using e-Path, not a single snippet of your highly private and sensitive credit card details, or any other details for that matter, will be permanently electronically stored online, in any database, in any storage appliance/device or on any network by the gateway. No names, no credit card numbers, no expiry dates, nothing is permanently electronically stored by e-Path. This, combined with the fact that e-Path creates a separate gateway system with its own unique encryption processes and secure URL for each and every gateway merchant means you are being protected by an entirely new level of security that has simply not existed before.

Once the official bank approved merchant account owner is in receipt of your credit card charge authorisation as far as e-Path and the internet is concerned it is as if that payment never occurred in the first place - nothing exists either online or on any network or in any database, storage appliance or within any electronic system of any type, shape or form with e-Path.

Not only that, once the charge is performed your credit card details will no longer even exist!!! In fact, e-Path is the only payment gateway that guarantees the merchant can ensure their own customers' credit card details do not exist anywhere, either electronically or otherwise, after the transaction is performed.

This extreme level of security separates e-Path from all other methods to accept credit cards online and it represents the ultimate ideal for the protection of all forms of critically confidential data in the age of the internet, not just highly sensitive credit card and identity details...

When highly sensitive credit card details do not exist they can't possibly be stolen!!

The business owner whose website you've just come from is clearly very serious about security. Their decision to utilise the e-Path credit card payment gateway is evidence they are not prepared to compromise on security or risk anything when it comes to protecting their own online customers.

Defence Signals Directorate Gateway Certified Telecommunications Carrier

Few other areas are as critically vital to the security of the e-Path service as the actual hosting infrastructure utilised to host and deliver our services to the internet.

e-Path's host, Netports Australia, exclusively utilises a datacentre and telecommunications carrier which is has achieved Defence Signals Directorate Gateway Certification. This certification conforms with ASCI-33 and the PSM (Protective Security Manual)

Delivering the e-Path service from a 'super-max' security accredited hosting and network environment positively contributes to our ability to deliver overall security that is of the utmost highest calibre.

And in strict accordance with new Australian National Privacy Laws that call for truthful disclosure of all factors involved in the handling of personally identifiable and confidential information, you as the cardholder have an absolute right to know these facts about the very environment handling your highly sensitive credit card data.

See: Department of Defence Defence Signals Directorate Gateway Certification Guide

Secure technologies you can trust

e-Path comprises of many technologies, some well established and others very new, that all combine to provide a uniquely powerful and secure system that is at the forefront of a new era in secure online e-commerce. These include ...

Full strength SSL protects the connection between you and the business owners e-Path payment gateway. It is not possible for internet communication to occur with any e-Path payment gateway without the full protection of SSL being present. If you do not have an SSL capable browser you will not be able to communicate with the secure e-Path system.

e-Path utilises THAWTE SSL. THAWTE is recognised as a world leader in SSL. You can confirm the existence of the THAWTE SSL in two ways ...

SSL icon in browser Quite independently from e-Path, your browser should be able confirm the secure e-Path gateway page is under SSL protection by the display of a padlock icon. Browsers have various ways of displaying this icon, some display the padlock at the bottom while some at the top within the address bar. If there is any doubt, see #2 to obtain direct confirmation from hte SSL issuer, THAWTE Inc.

THAWTE SSL can be confirmed with one click At the top of all secure e-Path gateway pages you can click on the THAWTE graphic to verify directly with THAWTE the validity of the e-Path THAWTE SSL. This provides the customer with direct SSL issuer confrmation of a correctly functioning SSL.

e-Path, PCI DSS Compliance and McAfee

e-Path utilises the Payment Card Industry Security Standards Council approved and compliant McAfee™ PCI DSS (Payment Card Industry Data Security Standards) program. McAfee™ is a PCI Approved Scanning Vendor (ASV).

McAfee™ is best known for their McAfee Secure trustmark and is a world leading provider of webserver security services including card vendor PCI (Payment Card Industry) compliance services.

The McAfee™ PCI Compliance program meets the requirements of Visa's CISP and AIS, MasterCard's SDP, American Express' DSS, DiscoverCard and JCB.

Our secure systems are physically located in the Macquarie Telecom datacentre in Sydney. Macquarie Telecom is the first telecommunications carrier in Australia to achieve Defence Signals Directorate Gateway Certification, conforming to ASCI-33 and the PSM (Protective Security Manual). ISO 9001:2000, PCI DSS Certification and SAI Global - ISO 27001:2005 are amongst other high level accreditations that combine to establish Macquarie Telecom as being recognised as Australia's most highly security accredited datacentre.
McAfee Secure & PCI Compliance Scan Results for e-Path
The above graphic is an actual screen capture of part of e-Path's McAfee™ PCI DSS auditing program control panel

Asymmetric cryptography (encryption - decryption):

e-Path uses powerful cryptography to further encrypt the payment data entered by the customer. 2,048 bit RSA encryption is a patented algorithm and recognised by Visa, Master Card, American Express and Diners Club as an approved encryption type. With e-Path there are multiple instances of this which all occur on top of and in addition to the SSL encryption that exists to protect the live connection between cardholder and the business owners e-Path gateway system.

According to Qualys CEO Philippe Courtot: "The challenge with encryption is that older payment systems were not built to support the scrambling technology... Encryption is the ultimate measure of security.." From:

This protects data during the transporting stage, directly from you the cardholder to the official bank approved merchant account owner.

Here is a example of how a credit card looks when it is encrypted by e-Path. This data is utterly useless to anyone other than the specific merchant it has been encrypted for in the first place ...


You may be interested to learn the above is a true example, it is the actual credit card belonging to e-Path's founder. It remains totally and absolutely secure despite is being publicly viewable on this website since 2007. A bold but very effective demonstration of the strength of the encryption used by e-Path.

Once an individual gateway system has been set up for an online business owner they become the only party in the world capable of decrypting card data encrypted on their unique gateway.

What some people say ...

"[e-Path] An ingenuously simple and logical approach with the potential to ease a little pressure on the credit industry as they continue the struggle to close security vulnerabilities with card based live transactions over the internet."
David Taylor - Commerce Tomorrow (Monthly Publication)

""[e-Path] sacrifices the convenience of instant internet based transaction processing for the sake of improved security and control. Granted, they [e-Path] do this well but I for one will not be going to a manual system."
Claire McKinley - Enterprise Commercial Quarterly

"We all know high strength 2,048 bit asymmetric cryptography is unbreakable. What is unique is how they [e-Path] have designed their relatively simple non-processing online credit card handling service around it. Clever."
'Professor Byte' - Willmington e-Commerce Advisory Committee

"This [e-Path] is not a new direction at all ... it simply sends us back to basics which as e-Path has identified can reduce online risk significantly ... reduced risk could see merchant services providers re-think their tough approach towards the entry level virtual business market."
S. Johnston Jnr - Smith, Johnston and Boverich. Strategic Financials.

"You simply can not get a better way to protect credit card information on the internet than for it not to exist on the internet. E-Path delivers what is shaping up to be an almost annoyingly commonsensical solution to the problem of online credit card data security."
Damien Croft - CEO, ComCron

"This new manual gateway from the Australia company, e-Path Pty Ltd, will only appeal to those likely to be doing small numbers of transactions per day and as such can not be considered a mainstream alternative to current live online processors. Reverting back to manual processes means reduced productivity for most businesses. But talk security and I concede e-Path has raised the bar to an impressive height, no doubt about that."
Samantha Goldburg - The Online Merchant

""Their non-permanent storage of card holder data nails a previously unattainable goal for online credit card handlers ... a major achievement that should delight the card provider companies .... but looking under the skin they [e-Path} appear to be little more than an online fax machine on cryptographic steroids."
Simon Metcalf - ComZone UK

"Businesses have been cursing the cost of fraud ever since we were able to process payments online. E-Path looks like the first genuine attempt by a payment gateway to improve security by design .... even though it [e-Path] takes you back to handling processes manually their approach has merit."
Mary Merrywhether - Article 'Risks in Business'

A proper online payment processor, no. An easier and safer solution for the smaller e-merchant, quite possibly."
Max Minyarno - Financial Services Manager

"E-Path is no big deal. They have simply identified what causes risk and gone about trying to eliminate it. Bright sparks change the world for the better all the time, like I said, no big deal."
Shane Williams - MacSpeak 2007.

"I can't see much point in this new [e-Path] service. Where's the automation? Ok, so its good news in the security department, but having to process manually offline is not going to see everyone rushing to change their card accepting method. It will suit some but certainly not the majority. Nice idea, but not for me."
Trevor - ZNet feedback

"Just my 2c worth. I did this like a year ago. I use e-path. For a full year I have not recorded one single fraud transaction into my merchant account because I can SEE AND IDENTIFY them when I receive them. I will never go back to the 'dark ages' of Russian roulette with an expensive real time gateway and all those charge backs. No way man.."
'TrueBlue' - Contributing comment on Payment Gateways & Merchant Accounts - e-Commerce Talk

"The average business is fed up with money being taken out of their account [by their bank] because the online transaction done last month through their online processing gateway now suddenly turns out was fraudulent. I think doing things manually offline has some real advantages."
'John' - Contributing comment on Payment Gateways & Merchant Accounts - e-Commerce Talk

The internet can be a safe placeAccept Visa, Master Card, American Express, Diners Club, JCB and all credit card types
Supreme security for e-Commerce is here

CDU Security

the ultimate credit card data security

2048bit Cryptography

e-Path Delivered via Defence Signals Directorate Gateway Certified Telecommunications Carrier
The e-Path Credit Card Payment Gateway
The Credit Card Payment Gateway
How e-Path Works
Merchant Requirements
Demonstration Gateway
About e-Path Pty Ltd
Strategic Partners & Providers
e-Path Security
CDU Security Compliance
Payment Gateway Integration
About the PCI DSS
Gateway Pricing
e-Path e-Partner Opportunities
e-Commerce Hosting
Payment Gateway Q & A
Support Centre
Have Your Say Have your say
e-Path Blog Payment Gateway Blog
TOS, UA, Merchant Agreement
Privacy Policy
Contact e-Path
Apply for e-Path Now
Site Content Disclaimer
Reduce your e-commerce costs with e-Path e-Path exclusively uses THAWTE SSL
This website makes no determination as to the suitability of the e-Path service for your particular personal or business needs.
e-Path is an Australian based global provider of the e-Path Internet Credit Card Payment Gateway Service.
All Rights Reserved - Copyright 2006 - E-PATH PTY LTD
ACN:124032917 | ABN:70124032917
cPanel Reseller Hosting Australia
Premium Reseller Hosting Australia