Your browser (Internet Explorer 6) is out of date. It has known security flaws and may not display all features of this and other websites. Learn how to update your browser.
X
09
Apr

3dcart Stores are NOT Affected by the Heartbleed Security Bug

HeartbleedBy now, you’ve probably read in the news, or heard across the wire that the newest security bug code named “Heartbleed” has been spreading across the web for some time now, and has just been recently identified.  Since 3dcart is Level 1 PCI compliant, we have one of the most secure shopping cart platforms in existence today.  To learn more about how 3dcart protects your data, you can read more about our PCI Compliance.

Heartbleed is a flaw in the OpenSSL protocol (which is not used by 3dcart).  OpenSSL is an open-source encryption technology which is the backbone for many secure websites that collect personal and financial data.  Fortunately, OpenSSL is not used on any 3dcart web properties.  You can learn more about the Heartbleed Bug here.

Heartbleed has been present since March 2012, but has only recently been identified.  While your 3dcart stores have not been impacted in any way by this vulnerability, it is recommended that watch for communication from different websites and companies that you may have frequently visited in the event that these companies were using the OpenSSL technology.  Many major websites such as Amazon, Google, Facebook and others may have been impacted.

To learn more about how to protect yourself from the Heartbleed Bug, we suggest reading this article from CNET.

As always, we appreciate your business here at 3dcart, and we are always here to help.

 

  • If 3dcart is level 1 PCI compliant why can;t we store credit card numbers in our store?

    Mitch Rezman

    April 9, 2014

  • Hi Mitch, that’s one of the reasons we are Level 1. PCI requirements state that we should never save credit card data within the infrastructure that our software resides on. Credit card processing, and the security that comes along with storing credit card numbers is better left to the professionals in the credit card data security industry, ie, Authnet, etc. You can use “tokenization” with our partners that support it to have full stored credit card accessibility.

    Joe Palko

    April 16, 2014

Leave a comment  

name

email

website

Submit comment