Safeguard sensitive data with the latest Payment Card Industry standards.
Any kind of business engaging in online transactions is subject to the Payment Card Industry Data Security Standards (PCI-DSS). This set of rules, set forth in 2004 by the major credit card organizations, outlines guidelines and best practices for processing sensitive information to reduce fraud. At Spinutech, we take data security very seriously, staying on top of changes in PCI compliance standards, and building ecommerce websites that adhere to best information security practices.
You want customers to feel safe when making purchases on your website. That’s why PCI compliance is of the highest importance. We help keep sensitive data secure and limit your liability by working directly with payment processors like Authorize.Net and using their library of code. This way, all sensitive data is sent straight to the processor and never hits our servers. Although PCI compliance is not required by law, you can incur heavy fines if your site is not compliant. That’s why we do our part to ensure your site meets PCI standards.
Credit card data is sent directly to the secure payment processor and, in turn, we receive a “token” from them to complete the transaction. We do not store a customer's full credit card number or card verification value (CVV). In fact, the credit card data is never even sent through our servers, which greatly reduces the PCI scope.
Regular Security Updates
PCI-DSS compliance is an ongoing process. We regularly monitor and adjust to the changing PCI compliance standards. Additionally, payment processors will notify us if a change affects how processing is handled. Our goal is to provide your customers with a safe, secure site. If we find something that will improve and further reduce your liability, we will make the change to our codebase. We quickly implement newly established standards and schemes to reduce credit card fraud.