Payment Security

Payment Security

What is a pre-authorisation on a credit card?

When an order is placed with us through our Online Store, an immediate credit card pre-authorisation occurs. Let's start by clarifying exactly what a pre-authorisation (commonly referred to as a "pre-auth") is.

A credit card pre-authorisation is much like any other charge to a credit card, except instead of actually debiting funds from the cardholder a temporary "hold" is put on the funds that lasts for 5 days. At a technical level, the actual duration of the hold depends on the merchant classification code (MCC code).

Once a credit card has been pre-authorised the cardholder cannot go and spend this money anywhere else. However, at the same time the charge doesn't actually show up on the cardholder's credit card statement. (Although, if you call the card issuer, they will confirm that a pre-authorisation is holding funds on the cardholders account). 

The merchant (us) must go in and "capture" the funds within the set period dictated by your bank. If not, the pre-authorisation will expire and the funds will be released by the card issuing bank back to the cardholder.​

Payment Security

Mike's Dive Store has been trading for over 30 years and takes your business and security very seriously. We are part of the HTTPS Everywhere movement and thus have moved our entire site on the HTTPS protocol which used only to be used for the payment section of e-commerce websites but now Google is pushing for any and all e-commerce sites to have this enabled for their complete site. Mike's Dive Store is the first UK dive equipment site to have moved on to this system meaning that all of your details, browsing and payment information is encrypted.

We are also fully certified Level 1 PCI DSS Compliant and include a 128 bit SSL certificate with Sagepay, the leading online provider of e-commerce transactions and security within the UK. 

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle credit card and debit card information. Defined by the Payment Card Industry Security Standards Council, the standard was created to increase controls around credit card data to reduce credit card fraud via its exposure.

There are six categories of PCI standards that must be met in order for a merchant to be deemed compliant:

  • Maintain a Secure Network
  • Protect Cardholder Data
  • Maintain a Vulnerability Management Program
  • Implement Strong Access Control Measures
  • Regularly Monitor and Test Networks
  • Maintain an Information Security Policy