MHFA website security - credit cards and personal information

The MHFA website is secured with Extended Validation (EV) SSL, the highest standard in the Internet security industry for website identity authentication.

Mental Health First Aid International (ABN 57 153 480 436) has an online shop, which is designed to create a user friendly, fast and efficient viewing and purchasing process for our range of merchandise and products for accredited MHFA Australia Instructors and members of the public.

The Merchandise Policy should be read in conjunction with the Privacy Policy and Website Disclaimer, which can be found at

The MHFA shop and course registration systems allow instructors and members of the public to register, enrol and make online payments using credit cards and alternative forms of payment where applicable. MHFA takes the security of your credit card and personal information seriously. The following measures are in place to ensure security of your information:

a) Communication is secured using SSL (encryption).
b) No credit card numbers are stored on our system.
c) Credit card details are passed directly to our banking provider (NAB) and are not stored or processed by MHFA.
d) No compromise of our system could lead to your credit card details being hacked or stolen.
e) All transactions on the site are logged, providing a paper trail for investigating any fraudulent transactions.

With these measures in place, you can feel confident to safely and securely conduct credit card transactions on the MHFA site.

What does SSL mean for my data on the MHFA website?

Secure Socket Layer (SSL) Certificates are the standard method used on the Internet to secure communications between Web users and Web sites. This technology both authenticates the identity of a Web site and encrypts communications between the user and the Web site.

Extended Validation (EV) SSL is a new type of SSL Certificate. A consortium of Internet security experts (Certificate Authority/Browser Forum) including VeriSign created EV SSL to combat the growing epidemic of fraudulent Web activity known as phishing. Phishing is a technique used by criminals on the Web to trick Web users into revealing sensitive personal and financial information to a counterfeit Web site. These phishing sites look like a familiar Web site but they are only a fraudulent front for criminal activity. It can be very difficult to differentiate a phishing Web site from the legitimate Web site. This threat has made it more important than ever for Web sites to be authenticated as genuine by a trusted third party before users share information with them.

For over a decade SSL Certificates have served to authenticate Web sites, however not all SSL Certificates provide the same level of authentication. Some highly authenticate a site and some merely verify that the organisation requesting the certificate has the right to use their stated Internet domain address. EV SSL Certificates represent the highest standard for authentication. They require that every Web site secured with EV SSL pass a standardised process for rigorously verifying the legitimacy of the organisation responsible for that Web site.

We use EV SSL to secure your online transaction with us because we take your online security very seriously. EV SSL signifies that our organisation has passed the strict EV identity authentication process. Our EV SSL Certificate will trigger your browser address bar to display https:// and if you use a browser released in 2007 or later (such as Microsoft Internet Explorer 7) your address bar will turn a noticeable green colour. To the right of the address bar, a field will display the name of the organisation that owns this Web site and this field will toggle to display VeriSign, the industry-leading certificate authority that issued this SSL Certificate. When you see your address bar turn green, simply look to the right to see that the owner of this Web site is the organisation you intended to visit.

MHFA uses SSL to protect your data


Article is closed for comments.
Powered by Zendesk