
PCI Compliant Ecommerce Software

MasterCard: View CoreCommerce on the list (PDF)

CoreCommerce is Compliant!

We are PCI-DSS compliant as of December 7, 2009. We were audited by Chief Security Officers, LLC, based in Scottsdale, Arizona. We had already implemented most of the PCI-DSS requirements, so the 3-month PCI audit was mostly pain-free.

If you sell online, then your PCI Compliance deadline is fast approaching. This means if you are currently using a shopping cart provider, they must be compliant by this deadline or Visa/MasterCard will no longer allow you to accept credit card payments from your customers. If you are starting to sell online for the first time, then your ecommerce shopping cart provider will need to be PCI Compliant (CoreCommerce is PCI Compliant).

The Long Road To PCI Compliance

Becoming PCI/CISP compliant is both time-consuming and very expensive. It requires a third-party auditor certified by Visa/MasterCard to review your physical security and to perform penetration testing on the software itself, to ensure hackers can't exploit vulnerabilities to gain access to sensitive credit card information. Depending on the type of problems the auditor finds, it can take 3-9 months to pass the rigorous guidelines that are set forth by the PCI Security Standards Council. Here are the basics:

CoreCommerce passed these rigorous requirements in 3 months. More information about the Visa/MasterCard PCI requirements is here.

Only 12% Are Compliant

High-profile cases involving big corporations have hit the headlines in the last couple of years. The Payment Card Industry has threatened some larger merchants with huge fines of up to $25,000 per month until compliance is obtained. In the high-profile case of TJX (owner of the T.J. Maxx, Marshalls, Home Goods and A.J. Wright retail chains), the company reported spending $202 million because of the PCI violation that compromised the cardholder account information of as many as 40 million customers. The money is being spent to handle more than 20 lawsuits brought against it by banks and consumers in the U.S. and Canada and to pay settlements with credit-card associations. Currently only a few select shopping cart providers are PCI-DSS Compliant.

Merchants that are NOT PCI COMPLIANT can face:

The Good News?

CoreCommerce ecommerce shopping cart software is in the small percentage of providers who ARE compliant and who have PCI compliant ecommerce software.