You don't actually give your credit card number to us; you type it in on a secure website, Billing People. Then your payment gets approved by Moneris (a very large credit card service provider which services lots of retailers too),
After this we get an email saying which invoice has been paid. They don't include any other information; no expiry date and not the credit card number. So even if their email was intercepted there is not sufficient information included to use your card fraudulently.

If you were to pay with INTERAC online, the debit service, it would be even safer. It works the same way that you pay your utilities over the Internet. Your information does not even leave your own bank. We send a request to Moneris, who forwards this request to your own bank. You log in as you do with all other online banking.
When you have approved the charges your bank informs Moneris which invoice was paid and Moneris passes that information on. They don't even disclose your debit card number to us, there is no information in that email that could be abused. All they are saying is which invoice has been paid (and we know who created that invoice on our system).