Veracart Data Security Guidelines
Have Questions?
Call 877-769-6945

Veracart Data Security Guidelines

Veracart takes data security very seriously and employs all the latest security precautions to safe guard cardholder data.

We recommend users, store owners and website owners follow the data security recommendations outlined below.

Credit Card Holder/Cart User Data Security Responsibilities

1. Credit Card holder must have anti-virus/anti-malware installed, that is up-to-date, and functioning properly on the computer from which the order is being placed.
2. Card Holder should watch for any security messages displayed by the browser such as untrusted certificates which would indicate non-encrypted data transfer.

Merchant / Store Owner Responsibilities

1. Access to the Veracart admin is limited to responsible trustworthy persons.
2. A secure password is used for accessing the Veracart admin. We recommend passwords with at least:

At least one upper case letter
At least one symbol or character such as !@#$%^&*?
At least one number between 0-9.
Never using common dictionary based words such as “password”
Never using common patterns such as “qwerty1234″

3. Regularly changing the Veracart admin password.
4. Credit Card data is never written or printed and thrown away without being destroyed first.
5. All computers used to access the Veracart admin have anti-virus/anti-malware installed, is up-to-date, and functioning properly. We recommend never accessing the Veracart admin without first making sure the computer has anti-virus / anti-malware software installed and is up-to-date and functioning properly.
6. If credit card order data is ever exported to a file or stored in a file, the file(s) are destroyed/deleted and do not sit on a non-password protected machine. Credit card data is NEVER emailed or transferred insecurely to co-workers, etc.
7. Adequate measures are taken to ensure access to the Veracart admin is limited.

Securing your website

1. A secure password is used for accessing your website

At least one upper case letter
At least one symbol or character such as !@#$%^&*?
At least one number between 0-9.
Never using common dictionary based words such as “password”
Never using common patterns such as “qwerty1234″, “asdf”, etc.

2. Creating a separate ftp password for each person who is given access to the website.
3. Creating a separate “admin” password for each person who is given access to the website.
4. Regularly changing the passwords set up for each person with access to FTP or “admin.”
5. Running up-to-date anti-virus on the computer used to FTP files up to the website.

Veracart Shopping Cart Data Security Responsibilities

1. All sensitive card data is encrypted before/during/after transmission between cardholders computer and Veracart servers.
2. We use a trusted SSL provider to ensure that all data passes over an HTTPS (secure connection).
3. Veracart is PCI/DSS compliant.
4. Veracart is regularly scanned by a 3rd party service who analyzes and recommends any needed upgrades or potential programmatic security issues. These are taken care of immediately.
5. Veracart regularly scans sites for rogue code including malware and spamware. We are notified immediately if any such code is found. This is dealt with immediately.
6. Credit card data is stored encrypted in our database. If anyone were to access the database all they would see is an encrypted string that is meaningless and unusable. We do not store credit card data in non-encrypted form.

Comments are closed.