Vantiv eCommerce is a PCI Level 1 Service Provider. Our continued compliance with the PCI Data Security Standard can be verified on public registries hosted by Visa and MasterCard. Vantiv eCommerce has received annual Reports on Compliance (ROC) ever since the incorporation of the PCI SSC (Payment Card Industry Security Standards Council) in 2004.
But Vantiv eCommerce doesn't stop with PCI DSS compliance in our quest for security. We are committed to going well beyond this standard and use it as a baseline for maintaining the highest level of secure operations in the payment processing industry. Security is integral in everything we do, from Engineering to Information Technology to Finance, Legal, Risk, Compliance, and employee awareness. Vantiv eCommerce is proud to continue a longstanding heritage of actively participating in an unprecedented transformation of the information security landscape over the past 10 years. We work tirelessly to create a culture within Vantiv eCommerce that continuously leverages security to build a world-class enterprise. Our security team members hold dozens of industry certifications, and our company is a member organization in leading security organizations and councils. Vantiv eCommerce also maintains an unqualified SSAE 16 SOC 1 audit report, NACHA compliance, and is independently audited by our acquiring banks and merchants.
Vantiv eCommerce's SDK's utilize the HTTPS protocol, which provides secure and encrypted communication between your company and our processing platform. Our processing environment is not, and has never been, vulnerable to the Heartbleed bug.
Vantiv eCommerce's SDK's utilize the TLSv1 protocol for online communication to assure that they are not vulnerable to POODLE. If you are using a PHP, OpenCart or Magento SDK, visit our FAQ to learn to how upgrade your installation.
All of our cardholder data is encrypted whenever it is stored in our systems. The data can only be decrypted by the processing platform; database and system administrators do not have the keys.
Our developers attend mandatory secure coding training, and have engineered secure methods for ensuring cardholder data during processing. Our source code is regularly audited by third parties for security. Vantiv eCommerce has direct connections with Card Associations that follow their stringent security standards. And, Vantiv eCommerce has a tokenization solution that can help customers manage their own PCI DSS compliance in a cost effective and secure manner.
You can reach Vantiv eCommerce Security at any time at Vantiv security