Online Payment Security and Data Privacy


Halfords takes your online payment security very seriously and we promise to protect your personal and credit card information with the highest level of data privacy and security.

We understand that you may be concerned about the security and privacy of online transactions and we hope this page will provide reassurance that your valuable data is protected from prying eyes.

How do you secure my payments?

We use the following systems to help ensure your security is protected when you purchase goods online using your debit/credit card.

The security code is the three or four digit number printed on your debit/credit card, which provides increased protection against debit/credit card fraud.

The number is not embossed on your card, so it cannot be printed on receipts. This makes it difficult for anyone other than the genuine cardholder to know it.

What are they?

Verified by Visa, MasterCard SecureCode and American Express SafeKey are simple password-protected identity checking services that improve security for our customers shopping online.

These services add an extra step into the online checkout procedure and are designed to stop unauthorised purchases, making shopping online even more secure.

What do I have to do?

Most banks or organisations will register you for the corresponding service by default or you can also choose to sign up if that’s not the case. Then, whenever you buy something from Halfords, your bank may ask you to verify your identify with a one-time passcode or other ID check before you can complete the transaction.

We employ data encryption to ensure safe and secure transactions on our site. Our payment area is secured using 128-bit encryption across a Secure Sockets Layer (SSL).

What is an SSL?

An SSL is the standard security technology for creating an encrypted link between a web server and a browser. It means that all of your personal information credit card details, name and address are encoded when it’s sent to us and no one can read it as it travels over the internet.

This system is used by websites worldwide to secure internet transactions between the server and the customer, and ensures that all data passed between our web server and your browser remains private and secure.

In order to be able to generate an SSL link (signified by the gold padlock in the information tool bar), a web server requires an SSL certificate.

Extended Validation (EV) SSL

Extended Validation (EV) SSL certificates provide the highest trust level and are the industry standard for business websites. The EV SSL validation process is the most extensive and rigorous in the industry.

Our EV SSL certificates are provided by a world class certificate authority, Comodo. Comodo is Web Trust compliant, meaning that the company’s business practices and processes have been rigorously audited to American Institute of Certified Public Accountants (AICPA) guidelines by an independent approved auditor (KPMG).

Comodo provides High Assurance Certificates, which validate that a company is a legally accountable organisation with articles of incorporation and that the site has been verified as an authenticated business. To find out more about EV SSL or Comodo, please visit www.comodogroup.com.