This document was last updated on 04/04/2013.
PSI-Pay ("PSI" or "we") uses the latest technology to provide you with a fast, secure way of transferring funds to and from our merchants and other PSI members. The security and integrity of your personal information is our top priority, and in order to protect it, we employ all available measures so that you don't have to worry.
All transactions are automatically encrypted from your browser to our website using the Secure Sockets Layer protocol. The site is certified by the Thawte Certification Authority helping to ensure that your information is held securely. Servers which hold any private information are physically separated from all other hardware in restricted, highly secure, areas. Your information is stored safely behind firewalls with no direct connection to the Internet so that all private data is available only to authorised workstations. Highly redundant systems and regular backups are used to ensure that your transaction history remains safe.
At PSI we help protect your information by keeping it a secure environment. When you make a transfer to or from any of our merchants, your personal financial information is not shared and your payment method is not disclosed. By using PSI, you reduce the possibility of your personal information being exposed over the Internet. We make use of electronic, operational and physical security measures that protect our systems (and your data) against viruses, spyware, attacks from hackers, physical theft and fire and water damage.
At PSI we are certified for and comply with Payment Card Industry and Data Security Standards (PCI and DSS).
In order to protect your PSI account, please keep the following guidelines in mind:
- Never share your PSI Password or Username with anyone. You will never be asked to disclose your password or username by a PSI representative or anyone affiliated with PSI. Please see the section on scam or 'phishing' emails below.
- Create a secure password and Username by ensuring that it is not easy to guess. The best passwords are at least 8 characters in length, and combine letters, numbers and symbols. Combining a simple phrase with a couple of significant numbers or symbols is an easy way to create an easy to remember and secure password.
- Do not use the same password or Username at PSI that you use for other online services. Using the same password at multiple sites will increase the chances of someone being able to access your account.
- Remember to periodically update your password. By changing your password on a regular basis, you reduce the chance of it being compromised. Also, if you ever suspect that someone might have discovered your password, be sure to reset it as soon as possible.
Scam or Phishing Emails
You will have heard about scam or phishing emails. These are sent by people, perhaps pretending to be from ecoPayz or PSI, and they will ask you to disclose all or some of your personal and security information.
Don't: These are probably from criminals looking to take over your account and steal your money.
Usually these emails will direct you to a site that will ask you to "update" or "verify" your details, perhaps threatening that your account will be closed if you don't. Never give these details, respond to the email or visit any website linked from it. Be warned - these can appear to be genuine.
Always check when you log in to the PSI site that the URL in the address bar starts with https:// www.ecopayz.com/ followed by e.g. "login.aspx"; this is a secure encrypted page, and this is the ONLY page at which you should enter your login information. If you do receive a suspicious email hover your cursor over the link in the email and see if the address of the link is the same as any address shown in the text of the email.
PSI will never ask you to disclose all of your personal or security details by email. The most we ask from you when you log in is your username and password.
The people responsible for these 'phishing' emails send the same message to as many email addresses as they can find. They do not know your personal security details but the aim of the email is to get them.
That's why, where we can we'll include some personal information about you on any emails that we send, for example we'll usually use your first and last names in any emails sent to you. In addition you should look out for the following things that may point to the email being a phishing attempt:
- Grammatical and/or spelling errors on unprofessional looking emails,
- Offers that seem 'too good to be true' e.g. 'free' money offers,
- Links that take you to a 'spoof' address that doesn't look like your normal PSI / ecoPayz login address.
If you've received a scam email, please forward it on to firstname.lastname@example.org. We won't be able to reply individually but we do investigate every email to ensure that any fake sites are closed down as quickly as possible.
ecoPayz is a brand of PSI-Pay Ltd. PSI-Pay Ltd is authorised by the Financial Conduct Authority under the Electronic Money Regulations 2011 (FCA reference number 900011) for the issuing of electronic money. PSI-Pay Ltd registered office is at Afon Building, Worthing Road, Horsham, West Sussex, RH12 1TL, England.