Security of your store is now your personal responsibility. PRMWD eCommerce Software is first and foremost about security and your first question should be "are you PA-DSS compliant?” Pinnacle Cart is proud to be one of the few E-Commerce applications to be both PA-DSS (Payment Application-Data Security Standard) and PCI compliant. As a merchant hosting your own store, using a PA-DSS E-Commerce system is no longer something that is simply "nice to have.”
The PCI SSC (Payment Card Industry Security Standards Council) imposed a July 1, 2010 deadline, at which time the systems that companies use to process credit card transactions must be "PA-DSS compliant.” This means they must comply with new data security standards established by the PCI SSC. Merchants using non PA-DSS compliant systems after that date can technically be considered non-compliant with PCI standards and could be in danger of losing their merchant account. Loss of a merchant account could include loss of their right to accept credit card transactions (though this may only be discovered via a "forensic” assessment after a security breach.)
PA-DSS represents a very specific set of requirements that systems must meet if they are to be used in processing credit cards. Systems must be audited by a PCI DSS approved assessor who will assign a "pass” or "fail” to the application.
These aforementioned Auditors (known as QSA’s) work with software vendors to ensure the application is secure and will pass PA-DSS compliance.
Merchants who are not PCI compliant are not only exposed to possible fines or penalties, but also run the risk of having their credit card privileges revoked. DO NOT RUN THE RISK OF FINES OR OF NOT BEING ABLE TO ACCEPT CREDIT CARDS ON YOUR SITE.
Make sure the E-Commerce application you are using for your storefront is PA-DSS compliant.