PCI / CISP Certification and Other Security Services.
Non-PCI/CISP Compliant Merchants Face:
- Class-action lawsuits
- up to $10,000 in monthly fines
- up to $500,000 in fines (per incident)
- Losing the ability to process transactions altogether
The Payment Card Industry (PCI) Data Security Standard was created by the four major credit card providers: Visa, MasterCard, Discover and American Express., the PCI Standard was created in response to the growing severity of credit card theft and online fraud, with the goal of protecting and securing cardholder data transfers during transactions between you and your credit card processor. The PCI has developed secure and robust industry standards for card data online security to be followed by both merchants and providers alike.
If you sell and accept -or want to accept- credit cards online, then you MUST be PCI/CISP compliant. The deadline for compliance has passed and it’s not something you can claim unawareness toward.
Our hosted solution is CISP Certified.
The vast majority of of shopping cart solutions are NOT PCI/CISP certified. You are at risk if you use a non-compliant solution.
These non-compliant hosted solutions are unable to achieve certification due to either not having the required capital to complete certification, not having the knowledge or manpower to code and configure the elements needed for a secure platform.
"The PCI Data Security Standard (PCI DSS) was created by the major credit card companies to ensure the adoption of consistent security measures by all merchants. There are 12 requirements for meeting the PCI DSS, broken into 6 groups:"
Build and Maintain a Secure Network
Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
Requirement 3: Protect stored cardholder data
"Requirement 4: Encrypt transmission of cardholder data across open, public networks"
Maintain a Vulnerability Management Program
Requirement 5: Use and regularly update anti-virus software
Requirement 6: Develop and maintain secure systems and applications
Implement Strong Access Control Measures
Requirement 7: Restrict access to cardholder data by business need-to-know
Requirement 8: Assign a unique ID to each person with computer access
Requirement 9: Restrict physical access to cardholder data
Regularly Monitor and Test Networks
Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes
Maintain an Information Security Policy
Requirement 12: Maintain a policy that addresses information security
Other Security Services We Provide assistance with:
1. Dictionary attack prevention with profile blocking for the control panel
2. Prevention from SQL Injection attacks in high risk sensitive areas
3. Password and sensitive information encryption with RC4 and DES algorithms
4. Support for credit card record deletion after transactions are processed
5. Detailed recording of catalog stock operations
6. Snapshot of each sale to verify the amount charged for each product in each order
7. Support for blocking purchases from free e-mail addresses and orders with suspicious text strings
8. Support for blocking customers who have performed chargebacks and/or troublesome customers
9. Recording and viewing the last login at the control panel
10. Recording customers' IP with each order
11. Global customer password resetting when threatened by intrusion
12. Support for closing the store with one click and avoiding checkouts in order to diagnose trouble
13. Delivery of database error reports to the administrator by email or SMS
14. Admin password verification test.
15. Security Certification Shield Program. coming soon...
16. SSL installation and verification.
17. Image validation captcha for forums and blogs.
If you would like take advantage of our expertise or Brand, Design, Develop or Promote your next project then get in touch, we're nice people to work with.