Site Store Pro does not store any credit card information and only stores the customer user account registration info (name, address, phone number, email). NOTE: We will not assist an online store owner to modify Site Store Pro to save and store credit card data to their server. Due to the security risks and PCI compliance issues, credit card information is sent to the payment processor and then cleared from memory and will not be saved in the database under any circumstances.

If your site will be transmitting credit card information to a third party processor for approval, you must setup your checkout system to use SSL (https://). Site Store Pro works with both same domain and shared SSL certificates so every site that takes credit card input will be able to easily secure the billing information pages.

All merchants who will be transmitting credit card information to their payment processor MUST have an quarterly PCI compliance scan by an approved ASV vendor. Since Site Store Pro can be hosted on any Windows-based hosting account, we recommend having periodic (daily or monthly) PCI scans to verify that your hosting account setup remains secure.

Site Store Pro is PA/DSS compliant in its default configuration when hosted on a server that passes current PCI/DSS compliance scans. However, due to other applications you may be running along with Site Store Pro, your host's / server's specific security settings, etc., you should have your website frequently scanned and verified PCI/DSS compliant.