Payment Security and PCI DSS

Last updated: 25 May 2026

AuctionBargain takes payment security seriously. This page explains how we handle payment information, what data we do and do not store, and how your payment details are protected when you buy through our auction marketplace.

What We Do NOT Store

  • Full credit or debit card numbers
  • CVV/CVC security codes
  • Bank account login credentials or passwords
  • PayPal login credentials or passwords
  • Apple Pay payment credentials
  • Google Pay payment credentials
  • Any other sensitive payment authentication information

How Payments Are Processed

Sensitive payment information is handled by approved third-party payment processors, payment gateways, hosted checkout systems, tokenised payment elements, and mobile payment SDKs. When you enter payment details on AuctionBargain, you are interacting directly with these secure providers — your sensitive data is tokenised or processed by them and is never stored on AuctionBargain's servers.

Payment Metadata We May Store

AuctionBargain may receive and store limited non-sensitive payment metadata from payment processors, including: transaction ID, processor reference number, order ID, payment status, amount, currency, timestamp, payment method type, card brand, and the last four digits of your card number where supplied by the processor. This metadata is used for order management, reconciliation, receipts, customer support, fraud prevention, accounting, refunds, chargeback and dispute handling, and legal compliance.

PCI DSS Position

Card data entered on AuctionBargain is handled by PCI DSS-compliant third-party payment processors. AuctionBargain's integration with these processors — through hosted checkout tools, tokenised payment elements, or mobile payment SDKs — is designed to minimise our PCI DSS scope. AuctionBargain does not store, process, or transmit raw cardholder data on its own servers. Our compliance obligations are limited to the applicable PCI DSS scope for our integration method.

What We Never Ask For

AuctionBargain will never ask you to send full card details, CVV/CVC codes, banking passwords, PayPal passwords, Apple Pay credentials, or Google Pay credentials by email, chat, SMS, phone, or support ticket. If you receive any communication requesting this information, do not respond and contact [email protected] immediately.

Security Measures

  • All payment pages and the entire AuctionBargain website use HTTPS/TLS encryption to protect data in transit between your browser and our servers.
  • Payment processing is handled exclusively through approved, PCI DSS-compliant third-party providers using industry-standard encryption and tokenisation.
  • We do not store raw cardholder data, CVV/CVC codes, or payment authentication credentials on our servers or databases.
  • We implement access controls, monitoring, and regular security reviews to protect the limited payment metadata we store.
  • We maintain secure infrastructure and follow security best practices for web application and server management.

If You Suspect a Security Issue

If you believe your payment information may have been exposed, misused, or compromised in connection with AuctionBargain, contact AuctionBargain support immediately at [email protected] and also contact your bank or payment provider. Prompt reporting helps us investigate and protect your account.

AuctionBargain is a brand owned and operated by Confidia Limited (ACN 641 060 782, ABN 65 641 060 782) trading as AuctionBargain. Registered office: 7 Macwood Road, Smiths Lake NSW 2428, Australia.