We use a payment gateway called FastSpring that serves securely over HTTPS using a 256-bit encryption certificate provided by Symantec. They use dedicated servers that handle SSL requests to speed up the transaction processing. These servers are in full compliance with the PCI Data Security Standard, independently verified.