Securing the Checkout Page
The checkout is the most sensitive page on your site and the most attractive target for attackers. Securing it protects both your customers and your reputation.
This article explains the key protections we put in place around checkout.
The Essentials
- HTTPS everywhere, so data is encrypted in transit.
- Hosted fields, so card data never touches your servers.
- Strong authentication, via 3-D Secure where required.
- Bot protection, to stop automated card testing.
Guarding Against Card Testing
Fraudsters use checkout pages to test stolen cards in bulk. We add rate limiting and challenge mechanisms so your page is not abused, which also protects you from a flood of failed-payment fees.
Keeping It Maintained
Security is not a one-off. We keep dependencies patched and monitor for unusual activity so the checkout stays safe long after launch.
Frequently Asked Questions
Do I need my own SSL certificate?
Yes, your whole site should run on HTTPS. We provision and renew certificates as part of hosting.
If you need a hand with any of this, your Progressive Robot delivery team is ready to help. Raise a ticket from the Support area of your client portal or speak to your account manager and we will guide you through the next steps.