We utilize some of the most advanced technology for available for Internet security. Your Checkfront application is hosted in a URL unique to your business in a segregated database dedicated to your account. Web services are protected with an industry standard 256 Bit SSL encrypted certificate.
Our systems are PCI DSS compliant and our compliance is validated by Trustwave.
You own all data associated with your account, including transactions and customer records. We provide the service and maintain the integrity of your data. We never purge records during the life of your account. You may export all or part of your data any time in a variety of portable formats, including: XML, CSV and MS Excel®.
We run automatic encrypted backups to ensure your online data is safe and protected.
Checkfront undergoes regular PCI Compliance scans to ensure we are PCI-DSS compliant. These scans check for known vulnerabilities and common security holes in server configurations. They are performed by our security compliance provider, Trustwave.
To deliver maximum reliability and performance, Checkfront operates on a distributed network with data centers in five geographically diverse locations, including the United States, United Kingdom and Asia. Our data centers are high-speed, redundantly powered state-of-the-art facilities.
Checkfront is PCI DSS compliant. This compliance extends to all accounts powered by Checkfront and transactions that are processed through our system.
The PCI Data Security Standard (PCI DSS) was created by the major credit card companies to ensure the adoption of consistent security measures by all merchants.
There are six categories of PCI standards that must be met in order for a merchant to be deemed compliant:
Checkfront does not store cardholder data on premises but relies entirely on third party payment gateways to handle these functions. Our third party service providers handle payment processing and storage of cardholder data. All third party processor supported by Checkfront are PCI DSS certified.
* Note that your merchant bank may have additional PCI compliance requirements. Software as a Service applications, such as Checkfront, are considered service providers. PCI compliance is confirmed only for accounts that utilize a compatible payment gateway.
Please see our Data Protection, Ownership & Confidentiality in our Terms of Service, or contact us for information on our PCI policy and compliance.