Annually we undergo an audit and renew our PCI-DSS validation. You can download the attestation of compliance: CoreCommerce AOC. With our hosted solution, we reduce the burden for our clients with their respective credit card processors.
Becoming PCI-DSS compliant is both time-consuming and very expensive. It requires a third-party auditor certified by Visa/MasterCard to review our physical security and to perform penetration testing on the software itself, to ensure hackers can’t exploit vulnerabilities to gain access to sensitive credit card information. Depending on the type of problems the auditor finds, it can take 3-9 months to pass the rigorous guidelines set forth by the PCI Security Standards Council.
High-profile cases concerning big corporations have hit the headlines in the last couple of years. The Payment Card Industry has threatened some larger merchants with huge fines of up to $25,000 per month until compliance is obtained. Currently only a few select shopping cart providers are PCI-DSS compliant.
CoreCommerce is PCI compliant; you can download the paperwork you need to submit to your credit card processor here.