Hey!
My e-commerce site selling handicraft products is ready to launch within a month. A friend of mine si doing all the behind the scene works for me. Products are all added and payment systems - paypal and a credit/debit card payment systems are implemented. I want my customers to have a very secure payment system to pay and I am not willing to make any compromise. I have heard about PCI Data Security Standards to protect customers card data. Is it by default implemented when a payment system is implemented? Or should I do anything extra? My website is secured with HTTPS (SSL). Can someone advise me about it?
Thanks!
Enhancing security to payment process?
MVP
- 11324
- 100972
- 5/22/2011
- United States
nopCommerce is PCI DSS compliant. However, that does not mean "certified", which I believe your site has to do on its own (and which you can do yourself, or get a 3rd party to do it). You can search the forums for PCI and see some of the discussions about it. If you are using Authorize.NET and PayPal, then those are "hosted" solutions and thus you are not storing CC info in your DB, and should have no problem passing PCI certification.