We take the security of our fans' information extremely seriously.
As a sports team's website, we have no need for the fans to create an account with a username and password, however, we will allow them the option to enter their email address to receive a monthly newsletter. When this information is entered, a confirmation email will be sent to make sure that it is a legitimate request. After that, the email will placed into a database with the rest of the emails to receive the newsletter. This information in this database will be encrypted with our company's private key to ensure that no one else can attain it. For an added layer of security, there is an added password before you can even reach the encrypted data, which only a few members of the organization will know.
When it comes to purchasing tickets and/or merchandise, the user will input their credit card information, which will be encrypted and placed into a database similar to the email database. The main difference is the each aspect of the credit card (card number, CVV code, and expiration date) will be encrypted separately with different private keys and then placed into a common folder which is encrypted again with a different private key. This database will also be protected by a password that will be known by even fewer members of the organization.
This may seem a little extreme, however, most purchases from this website will not be made regularly, therefore, we have incorporated a "one-time-purchase" ideology in order to keep all of our customers' information secure.
