Security Information
about security and how we implement it
Your customer's privacy is valuable. We take every step possible to insure their personal information will not be compromised.
- Implement AVS/CVV2 - If your merchant/credit card processor allows it, we will implement it. We think address validation and card code validation are important tools to prevent fraudulent transactions.
- SSL - We only implement systems that transmit data across a Secure Socket Layer. This transmission type is typically used across port 443 and you can recognize it because the website address will begin with https://. The reason this adds security is that this protocol dictates that your browser and the web server "shake hands" with an RSA encryption algorithm before they start passing information. It gets complicated from there, but suffice to say it is the web standard and we do not deviate from it.
- Data Storage - Customer data is stored on the server only temporarily. It is used as a convenience for customers who frequently shop an eCommerce site and only when requested by the customer. Otherwise, all CVV2 and Card information is truncated upon sale completion.
- Customer Data - Customer information such as address and phone number is stored temporarily as a means of successfully completing each order. This data can be deleted by the administrators and also exported in CSV format across a secure connection (see SSL above).
- Transaction Data - Information relating to the transaction is temporarily stored on the server to provide necessary information for completing the order. This information can be exported and deleted for storage offline however some aspects of the transaction are kept on file for accounting and inventory purposes.
We also make the following recommendations:
- Change your administration passwords on a regular basis.
- Using non-readable passwords. never use your street address or dogs name!
- Expunge your online transaction records as soon as possible
- Never collect unnecessary information (maiden names, extra phone #'s)
- Investigate repeated attempts by the same person, but with different cards, and attempts for VERY LARGE orders.
