Ektron CMS400.Net Reference
To view information about Ektron’s eCommerce security standards and implementation, see the Ektron CMS400.NET eCommerce Module Implementation Guide for PCI DSS Compliance.
This guide is required as part of the Payment Application Data Security Standard (PA DSS) certification as defined by the Payment Card Industry Security Standards Council (PCI SSC). The Security Guide is to be used by Ektron CMS400.NET’s eCommerce partners and customers to help them implement a secure Web site according to the Payment Card Industry Data Security Standard (PCI DSS).
PA DSS is a certification for software applications that store, process or transmit credit card data during a transaction. Most payment card brands encourage merchants to use payment applications that are certified PA DSS Compliant.
Due to Ektron’s leadership position in Content Management and its commitment to security, Ektron CMS400.NET will be PA DSS certified to ensure our application conforms to payment card industry standards.
It is Ektron’s responsibility to become PA DSS certified. In other words, make sure that Ektron CMS400.NET is designed in such a way as to meets the standard for applications as set by the PCI Security Standards Council.
As a merchant or eCommerce Web site owner, it is your responsibility to make sure your Web site is PCI DSS Certified. You need to work together with your hosting provider to obtain this certification. This means using PCI DSS compliant server architecture, performing proper hardware and port scans, and using the proper software and hardware configurations to meet these standards.