1. Your store always uses HTTPS
Regardless of whether or not you have an SSL certificate for your site it’s important to know that your store is launched using an HTTPS connection. You can always verify this by inspecting the Network session of your store.
In order to indicate that the checkout is secure, your store shows a padlock image on its checkout page.
However, if you feel that your customers still have concerns and you would like the browser to indicate a secure website, we recommend making your website use HTTPS.
In order to do that, you need to perform the following steps:
- Purchase an SSL certificate
- Install it on your website (your web host can do it, however you need to have a dedicated IP address)
- Link to your store page using HTTPS protocol (i.e. you will need to update some your site’s or blog’s settings)
- Slightly update the integration code (replace “http://app.com” with “https://app.com”) or enable the special option if you use our WordPress module.
- Note: if you see this line in your integration code:
you don’t need to update the integration code. This line works correctly both on HTTP and HTTPS without any changes.
2. Your store doesn’t store credit card information
The store itself, and your store in particular, doesn’t deal with your customers’ credit card information. Your store doesn’t collect, store and process such data in any way.
Instead of that, your store supports a number of popular payment gateways. All of them can be divided into two main groups based on the way they interact with your store .
3. Your store is integrated only with reliable payment gateways
Your store is integrated only with secure and reliable payment gateways, which use AVS check and other verification technologies to avoid fraudulent payments and help guarantee the safety of sensitive information.
4. Your store is PCI DSS certified
Your store is PCI-DSS validated Level 1 Service Provider which is the gold standard for e-commerce solutions worldwide.
In order to protect your customers’ data, your online store should comply with these requirements:
- Use HTTPS connection for online checkout
- Don’t store sensitive data on the server
- Use address verification system to verify customers’ payment details