Shopping Cart Elite uses the nSoftware e-Payment Integrator component for processing credit cards, making Shopping Cart Elite PABP / CISP compliant.

• nSoftware Visa Approval
  

• nSoftware PCI Security Standard Approval

Shopping Cart Elite supports over 40 different payment gateways and counting. We however recommend Payleap as our preferred merchant partner.

• View the full list of payment gateways

3-D Secure is a credit card authorization program implemented by Visa, MasterCard, and JCB, built to reduce fraudulent purchases by verifying purchaser identity during online transactions. The benefits if implementing 3-D secure include a reduction in disputed transactions and chargeback's and their resulting financial expense.

• View more information about 3-D secure

The ECheck component connects to Electronic Check (eCheck / ACH) gateways such as the Authorize.Net eCheck.Net service. The ECheck component provides a common interface which allows your application or website to securely process electronic checks without the need to redirect to a third-party site.

Used to verify that a given credit card number is formatted properly, and could be a valid card number. Reduces fees that may be associated with invalid or declined transactions.

Too much information about PCI compliance is found on the internet today. To make it simple to understand, here is an explanation in Simple English.

PCI is not, in itself, a law. The standard was created by the major credit card brands such as Visa, MasterCard, Discover, AMEX, and JCB. Since your online cash transactions are completed by the banks that operate under these major card brands, you have no choice but to comply with their standards or risk facing extremely unpleasant and costly consequences. I am sure you would not be happy if one day, your money will be withdrawn from your bank account, your merchant account will be frozen and then you will get a letter from your processing bank, stating that you are not allowed to process credit cards. YOU MUST BE PCI COMPLIANT, THERE IS NO WAY AROUND IT.

Experiencing a data breach can literally cost your business. You can have your complete business shut down over night over one data breach. If you want to hear horror stories, just Google for Credit Card breaches on and see the consequences for yourself. PCI compliance sounds like a geek term, so here is a real life example:

Imagine buying a brand new car, putting an additional $50,000 into it and spending 3 years of work to make it look nicer. Then you will be asked to leave your car in a high crime neighborhood for an indefinite period of time. The question will not be "Will your car be broken into, stolen, damaged or destroyed?", but "When will it happen?", and it will happen, it is just a matter of time.

Your website is on public internet, everyone can see it, and any hacker can attempt to break into it. If you are not PCI compliant, your chances for avoiding a data breach is slim.

• Read PCI compliance frequently asked questions

How can you get PCI compliant? Becoming PCI compliant means, you do not store credit cards after you process them or you are using the PCI compliance standard to store credit cards after your process them.

Some Shopping Carts (open source or those that require you to host your own) advertise themselves as PCI compliant. But their solution to PCI compliance is to not allow you to store credit card data for your clients. This is a simple answer to PCI compliance, but not the most convenient one. For example, by not having the ability to store credit card data, you:

• Can't automatically process refunds
• Can't automatically charge a customer
• Can't offer subscription services
• Can't provide a customer with a fast way to checkout on your website
• Can't charge a customer if something failed to charge successfully the first time
• Can't offer credit card authorizations
• Will constantly find yourself calling customers back to get their credit card one more time
• Can't charge a customer an additional fee if necessary
• Can't charge a customer if you realized you didn't charge him enough by mistake
• etc.

If you host your own Shopping Cart software , YOU MUST be PCI compliant. Getting PCI compliant for your own hosted solution will require you to pay for:

• Upgrading payment systems and security infrastructure,
• Purchase additional firewalls,
• Upgrading anti-virus and anti-spyware software,
• Secure wireless systems,
• Perform data encryption technologies and file-integrity monitoring software,
• Write and maintain a security policy,
• Verifying compliance (assessments), and
• Sustain the compliance by paying an IT company or staff.

These upgrades will cost you around $10,000 - $35,000 and a few thousand dollars annually. Shopping Cart Elite paid over $65,000 to get PCI complaint, in addition to paying a monthly maintenance fee to maintain the PCI compliance.