Security of your store is now your personal responsibility. When looking for a Shopping cart or ecommerce sollution your first and foremost question to the company should be "are you PA-DSS compliant?" TurnKey Commerce is proud to be one of the few eCommerce applications to be both PA-DSS (Payment Application-Data Security Standard) and PCI compliant. As a merchant hosting your own store, using a PA-DSS eCommerce system is no longer something that is simply “nice to have.”

Click to view our compliance letter – PA-DSS Ecommerce Compliance

All merchants as of July 2010 (a deadline imposed by PCI SSC and all major credit card companies), at which time the systems they use to process credit card transactions must be “PA-DSS compliant;” meaning you must comply with new data security standards established by the PCI SSC (Payment Card Industry Security Standards Council). Merchants not using PA-DSS compliant systems as of July 2010 cannot technically be compliant with PCI standards and will be in danger of losing their merchant account; i.e., their right to accept credit card transactions (though this may only be discovered via a “forensic” assessment after a security breach).

PA-DSS represents a very specific set of requirements that systems must meet if they are to be used in processing credit cards. Systems must be audited by a PCI DSC approved assessor who will assign a “pass” or “fail” to the application. Those that pass will be put on an official list of PA-DSS compliant applications (available online at www.pcisecuritystandards.org).

These aforementioned Auditors (known as QSA's) work with software vendors to ensure the application is secure and will pass PA-DSS compliance. TurnKey Commerce’s Accessor is K3DES, and the underlying software utilized in our hosted ecommerce solution has passed compliance testing.

Merchants who are not PCI compliant are not only exposed to possible fines or penalties, but also run the risk of having their credit card privileges revoked. DO NOT RUN THE RISK OF FINES OR OF NOT BEING ABLE TO ACCEPT CREDIT CARDS ON YOUR WEB SITE.

Make sure the eCommerce application you are using for your storefront is PA-DSS compliant. For more information about PA-DSS, please direct your browser to www.pcisecuritystandards.org.