PCI Compliance and our shopping cart software

Compliance with the Payment Card Industry (PCI) cardholder data security standards is a requirement for all Internet merchant. It makes sense. All Web stores should adhere to a common set of security measures to protect everyone's confidential information.

Here you will find answers to frequently asked questions about PCI compliance and ProductCart.

Can my ProductCart-powered store be PCI compliant?

Yes, we have added a series of security measures and features to make the software successfully pass PCI compliance testing. For example, the CVV2 is never saved to the store database, and all Control Panel activity is logged (2 of the requirements for PCI compliance). However, please note that PCI compliance is also dependant on other elements that are part of your e-commerce system.

What should I do to obtain a certificate that says that my store is compliant?

You need to sign up for PCI compliance testing with one of the companies that offer this service. There are many vendors that offer this service.

We have partnered with ScanAlert - one of the leaders in the field - to offer you FREE PCI compliance testing. Learn more about free PCI compliance testing from ScanAlert.

Can software like ProductCart automatically grant PCI compliance?

No, a software application like ProductCart cannot by itself be PCI compliant and therefore cannot automatically grant a Web store that uses it the status of "PCI Compliant". That's because PCI compliance refers to the entire e-commerce system that powers your store, including your Web hosting environment and the payment gateway used for credit card processing. The PCI compliance testing service that you sign up with will ask you questions about your entire e-commerce system (e.g. where you are hosted, which payment gateway you are using, etc.) and will take care of ensuring that everything is compliant.

Will Early Impact assist me in my PCI compliance testing?

No, the PCI compliance testing provider that you sign up with will provide customer service throughout the process. However, we have prepared a document that contains answers to questions listed in the PCI Compliance Questrionnaire that apply to ProductCart (download).

We will always be ready to intervene in case an issue related to the software is preventing your from obtaining PCI compliance. We don't know of any at this time. However, new security scanning techniques are developed all the time, and sometimes point out a possible issue that had not surfaced in previous scans: in that case, we immediately fix the problem, if there is any).

So... what's next?

1. Update your ProductCart-powered store to the latest version using the "Check for Updates" feature.
2. Download answers to questions contained in the PCI Compliance Questrionnaire that apply to ProductCart.
3. Sign up for free PCI compliance testing with ScanAlert (and get substantial discounts on HackerSafe!).

Free (a $149 value) We have partners with ScanAlert to bring you a free PCI compliance service. ScanAlert is the leader is PCI certification services. Accepted by all banks ScanAlert's PCI certification meets the requirements of Visa, MasterCard, American Express, DiscoverCard and JCB.