Differences

This shows you the differences between two versions of the page.

--- static:foxycart_security [2013/10/28 17:10] – fixing links. oops. foxybrett
+++ static:foxycart_security [2018/05/17 21:22] (current) – [What is PCI DSS, and how does it relate to you?] foxybrett
@@ Line 3: / Line 3: @@
 ===== Quick Links =====
   * [[http://www.foxycart.com/security-contact|Reporting a security issue]]
-  * [[http://static.www.foxycart.com/FoxyCart_Attestation_of_PCI_Compliance.20130401.pdf|FoxyCart's PCI Attestation of Compliance (AOC)]]
+  * FoxyCart's PCI Attestation of Compliance (AOC) prepared by our QSA, [[http://www.foxycart.com/contact|available by request]].
 ===== FoxyCart is a PCI Compliant Level 1 Service Provider =====
@@ Line 9: / Line 9: @@
 You can verify our status at:
-  * [[http://www.visa.com/splisting/|Visa's Global Registry of Service Providers|]] (searchable site)
+  * [[http://www.visa.com/splisting/|Visa's Global Registry of Service Providers]] (searchable site)
   * [[http://www.mastercard.com/us/company/en/whatwedo/compliant_providers.html|MasterCard's PCI Compliant Service Provider List]] (PDF)
-We use [[http://www.trustwave.com/|Trustwave]] as our ASV, are hosted on the [[http://www.firehost.com/secure-cloud|FireHost Secure Cloud]] at their [[wp>Data_center#Data_center_classification|Tier 3 and Tier 4 datacenters]], and we work with  [[http://s3security.com/index2.html|Specialized Security Services, Inc.]] as both our QSA and security advisors.
+===== What is PCI DSS, and how does it relate to you? =====
+How PCI relates to your store will be determined by your unique set up. By using FoxyCart, we do take on at least some of the compliance requirements as it relates to your online store. For an in depth summary of the different areas of PCI compliance, what level might relate to you, and what to do if someone is telling you that you need to pay to be compliant, check out [[primer:security#pci_dsswhat_it_is_and_what_it_means_to_you|our overview of what it is, and what it means to you]].
-<html>
+===== Foxy is a member of the EU-US and Swiss-US Privacy Shield Framework =====
-<table width="135" border="0" cellpadding="1" cellspacing="1" style="display:inline"><tr><td width="135" align="center"><script src="https://sealserver.trustkeeper.net/compliance/seal_js.php?code=w6ozAYfC7NOhLcVfEWh8RytnHPZgvC&style=normal&size=105x54&language=en"></script><noscript><a href="https://sealserver.trustkeeper.net/compliance/cert.php?code=w6ozAYfC7NOhLcVfEWh8RytnHPZgvC&style=normal&size=105x54&language=en" target="hATW"><img src="https://sealserver.trustkeeper.net/compliance/seal.php?code=w6ozAYfC7NOhLcVfEWh8RytnHPZgvC&style=normal&size=105x54&language=en" border="0" alt="Trusted Commerce"/></a></noscript></td></tr></table>
-</html>
+You may [[https://www.privacyshield.gov/participant?id=a2zt00000008SJcAAM&status=Active|view our Privacy Shield membership here]].
+===== Copy/Paste Text for Your Policies =====
+If you need a blurb for your customer-facing marketing or policies, feel free to use this (if indeed you aren't accepting cardholder data except via FoxyCart):
+<blockquote>**Cardholder Data Security Policies:**\\
+In order to minimize the risk of security incidents, we fully outsource all payment processing to FoxyCart.com. FoxyCart is PCI DSS (Payment Card Industry Data Security Standard) Compliant as a Level 1 Service Provider, and is listed on both Visa and MasterCard's global registries. Anytime you submit payment information via our website, you are submitting through FoxyCart's secure infrastructure. If you opt to save your payment information during checkout, that information is stored at FoxyCart. We don't have access to your payment details except for the last 4 digits, the card type, and the expiration date.</blockquote>

Differences

Page Tools

Site Tools

User Tools