These are some of the most common questions regarding security and PCI compliance in Recurring Orders. Select a question to view its answer.
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment. Visit the PCI Compliance Guide FAQ for more details.
To be considered compliant, six main categories of requirements must be met; the Supported Payment Gateways in Recurring Orders meet all of them:
- Build and Maintain a Secure Network and Systems
- Protect Cardholder Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy
In addition to this, Recurring Orders by Bold must adhere to a subset of the PCI Data Security Standards and has implemented controls in relation to the following (where applicable):
- Do not use vendor-supplied defaults for system passwords and other security parameters
- Identify and authenticate access to system components
- Restrict physical access to cardholder data
- Maintain a policy that addresses information security for all personnel
With Recurring Orders by Bold and one of the Supported Payment Gateways in Recurring Orders together, you can be assured that you are adequately protected with industry-leading PCI compliance and security standards.
Recurring Orders is PCI compliant, uses industry-leading encryption techniques, and processes all personal information securely. All Supported Payment Gateways in Recurring Orders are required to be PCI compliant as well; the payment gateway is where credit card information is processed and stored.
Stripe is the recommended payment gateway for use with Recurring Orders; visit Security at Stripe for more details.
Yes, Recurring Orders uses industry-standard, PCI-accepted TLS encryption for all checkout processes and logged-in customer activity.
Credit card information is not stored within Recurring Orders; it is stored within your payment gateway. All payment gateways are required to be PCI compliant; our recommended Supported Payment Gateways in Recurring Orders (Stripe, Spreedly, and Braintree) are all fully PCI-compliant, level one service providers.