We work under HTTPS protocol, which encrypts payment details, and annually pass security inspection according to Visa and Mastercard security standards (PCI DSS).
Store and Yandex.Checkout interact via HTTPS security protocol: details of your store and clients are transmitted to our service in encrypted form. The information sent in reply is also encrypted.
To use HTTPS protocol, your site needs to have the SSL security certificate. Any certificate will do: a custom made one and the one issued by a certification authority.
If you do not have the SSL, you can get one under your Merchant Profile upon signing up.
PCI DSS standard
To work with cards, you need to get the PCI DSS certificate. This is an international security standard for payments with bank cards: it includes 12 requirements developed by Visa, Mastercard, and other payment systems. The PCI DSS certificate is issued on the basis of the results of audit check: Yandex.Money acquire it every year.
If you accept payments via Yandex.Checkout, you do not need the certificate: everything is secured.