PA-DSS compliant eCommerce Software

Free Download

Features
Version Comparison
VevoCart Community
VevoCart Premium
VevoCart Multi-Vendor Marketplace
VevoCart Templates
PA-DSS Certified
Payment Gateway Supported
FAQs
What's New

Design Integration
Customization
Installation
Support Plan

VevoCart Premium
VevoCart Multi-Vendor Marketplace
More Store License for Premium
Copyright Removal License
Version Upgrade
VevoCart Templates
Volume Discount
Support Plan
Update to Latest Release

Documentation
Customer Site
Ecommerce Articles
Customer Account
FAQs

VevoCart is an ASP.NET PA-DSS Certified eCommerce application which is designed and implemented to meet all PCI compliance requirements.

VevoCart processes payment through VevoPay which has been fully audited by the qualified assessor and is a PA-DSS certified payment application.

Key Security Implementations

Please note that a PA-DSS Certified Application must implement all PCI requirements and audited by qualified security assessors (QSAs).

Please be careful of applications claiming as PCI/PA-DSS Compliant but has not been audited by security assessors.

Credit card and sensitive stealing prevention
Cross-site request forgery (CSRF) prevention
Cross Site Scripting Flaws prevention
Secure authentication
Secure cryptographic storage
Secure communication

Role-based access control
Payment logging
Proper error handling
Injection Flaws prevention
Malicious File Execution prevention
Secure Direct Object Reference

About the PCI Data Security Standard (PCI DSS)

PCI Data Security Standard is the payment security requirement for e-commerce merchant and it was developed by PCI security standard council.

Security requirements are divided into many sections. These include building and maintaining a secure network, cardholder protection, maintaining a vulnerability management program, strong access control measures implementation, network monitoring and testing and information security policy maintenance.

E-commerce business must adhere to this security requirement to protect both customers and business information.

The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized:

Build and Maintain a Secure Network

Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

Requirement 3: Protect stored cardholder data
Requirement 4: Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

Requirement 5: Use and regularly update anti-virus software
Requirement 6: Develop and maintain secure systems and applications

Implement Strong Access Control Measures

Requirement 7: Restrict access to cardholder data by business need-to-know
Requirement 8: Assign a unique ID to each person with computer access
Requirement 9: Restrict physical access to cardholder data

Regularly Monitor and Test Networks

Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes

Maintain an Information Security Policy

Requirement 12: Maintain a policy that addresses information security

For more informaiton, please visit https://www.pcisecuritystandards.org/

Products

Solutions

Support