The entire PayByPhone solution is based on the bank card payment security rules developed by Visa/MasterCard networks, with PCI-DSS accreditation.
Data passing through the website and other web interfaces offered by PayByPhone (mobile internet, apps) are all encrypted in HTTPS.
Your credit card details are encrypted and will not be visible during a transaction to your staff. Your PayByPhone account is also protected by a personalised password.