All of our servers are PCI compliant, and we provide our clients free compliance reports to show their banks/merchant providers. (This is through ScanAlert)
As far as CISP, that is a bit more complicated. Due to our infrastructure (multiple datacenters), the fact that you are sharing a server with other clients, and the fact that you, the administrator of the store have full control over your store database, we have not been able to get certified. However, since version 2.1, we no longer store credit card information on the store database, and so, should someone manage to break the firewall, decrypt the software, then decrypt the database, all they would have is the last 4 digits of the card number. For clients that process orders offline and so need the credit card number stored, there are ways to clear out or partially erase the number after a period of time.
__________________
----------------------------
Gonzalo Gil
3dCart Support
800-828-6650 x111
|
CISP & PCI Compliance
Linear Mode
