Payment Security

Payments Powered by 2Checkout

All payments on Exospace are processed exclusively through 2Checkout (now part of Verifone), one of the world's most trusted and secure online payment processors. We never store, handle, or have access to your credit card details at any point in the transaction.

PCI DSS Compliance

2Checkout is fully compliant with the Payment Card Industry Data Security Standard (PCI DSS). This means that all payment data is handled in accordance with the strictest international security requirements mandated by major card brands (Visa, Mastercard, American Express, and others).

Because 2Checkout manages the entire payment form and transaction flow, Exospace's own servers are never in scope for PCI DSS — your card data never touches our infrastructure.

SSL Encryption

All data transmitted between your browser and our servers — including login credentials and account information — is encrypted using TLS 1.2/1.3 (256-bit SSL). You can confirm this by the padlock icon in your browser's address bar when visiting any page on exospace.gallery.

Security Headers

Our servers enforce strict HTTP security headers on every response, including:

• Strict-Transport-Security (HSTS) — Forces HTTPS for all connections.
• X-Content-Type-Options — Prevents MIME type sniffing attacks.
• X-Frame-Options — Blocks clickjacking by preventing our pages from being embedded in iframes.

What We Don't Store

To be completely transparent, Exospace does not store: credit card numbers, CVVs, expiry dates, or any other payment card data. All payment information is tokenised and managed entirely by 2Checkout's secure infrastructure.

Reporting a Security Issue

If you discover a security vulnerability on our platform, please report it responsibly by emailing support@exospace.gallery with the subject line "Security Report". We take all reports seriously and will investigate promptly.