CRE Secure was Built with PCI Compliance in Mind

CRE Secure is the first PCI DSS validated payment system designed especially for the online merchants who want to continue hosting their own open source shopping cart and be PCI compliant.

So what is the Payment Card Industry (PCI) Data Security Standard (DSS)?

PCI DSS is a set of comprehensive requirements for enhancing payment account data security established by American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa Inc. International. It was developed to help the broad adoption of consistent data security measures on a global basis. All merchants that process, store, or transmit payment card information for American Express, Discover, JCB, MasterCard, or Visa are required to be PCI DSS compliant.

How does CRE Secure™ using its patent pending HTML Clone™ payment page branding technology make your payments PCI DSS compliant?

As customers shop on your site, they click a button to pay using their bank account or credit card. With CRE Secure™, your customers pay on a 100% compliant and secure hosted payment page, but without losing the site continuity and custom design ‘look and feel” of your website. Because your customer’s credit card account information is no longer stored in your web store software or on your servers, you won’t need to worry about protecting stored cardholder data, encrypting data in transit, or restricting access to cardholder data. Most importantly, with CRE Secure™, you do not need to change your current hosting provider which will save you $$$ by not having to move to a PCI compliant hosting provider. We did that part for you! We continually maintain and regularly validate the security of CRE Secure™, through a PCI Council approved Quality Security Auditor (QSA). As a result, you can focus on winning more customers and providing a consistent, outstanding customer experience.

Committed to data integrity

CRE Secure™ has achieved both PCI PA-DSS compliance certification as a secure payment application under the Visa Cardholder Information Security Program and achieved PCI DSS compliance certification by hosting our patent pending HTML Clone™ payment page solution at GSI Hosting, the first managed service provider in the world to obtain certification from Visa for their Payment Card Industry Data Security Standard (PCI DSS) for compliance and physical security. GSI Hosting has achieved the American Institute of Certified Public Accountant's Statement of Auditing Standards #70 (SAS70) certification. This underscores our strong commitment to making security a central focus of our e-commerce development and compliance efforts and protecting the safety and integrity of customer data.

PCI DSS At-A-Glance

What It Is: Security Standard developed by the payment card industry.
What It Does: Establishes requirements for protecting cardholder data.
What Is Required: Specific technical steps to protect cardholder data.
Penalties for Non-Compliance: Range from fines to loss of card processing privileges.

Why You Need It

PCI Compliance PCI FAQs

PCI Resource Links

PCI Data Storage Do’s and Don’ts

Lifecycle Process for Changes to PCI DSS

Payment Card Industry Security Standards Overview

Getting Started with PCI Data Security Standard

Ten Common Myths of PCI DSS