eCommerce Solutions You Can Trust

Security of the code, product, and human resources is one of our top priorities. We develop CS-Cart and CS-Cart Multi-Vendor to be compliant with industry data protection standards such as PCI DSS and GDPR.

eCommerce Solutions You Can Trust

Security of the code, product, and human resources is one of our top priorities. We develop CS-Cart and CS-Cart Multi-Vendor to be compliant with industry data protection standards such as PCI DSS and GDPR.

Ultimate Protection for Your Online Store

We do care about the security of the product and implement functionality that protects your store or marketplace from unauthorized access and data breach. Building your eCommerce website on CS-Cart, you can be sure your customers' and your own data is safe.
PCI DSS Compliance
PCI is a set of strict security standards relating to storage, processing, or transaction of credit card data, developed by the leading payment brands, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa Inc.

The standard was created to increase controls around cardholder data to reduce credit card fraud. CS-Cart meets PCI DSS requirements.
GDPR Compliance
The General Data Protection Regulation's primary aim is to give individuals control over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

GDPR also regulates the transfer of personal data outside the EU and EEA areas. CS-Cart is GDPR-compliant out of the box.

Product Security

Code security and protection from unauthorized access and attacks. This what CS-Cart is about. We implemented special procedures and coding techniques to the development process and security means to the product itself to make the platform super safe.
Our senior developers and cybersecurity specialists analyze CS-Cart's code on a regular basis to make sure there are no flaws and coding patterns that can be potentially insecure. Every development task goes through the code review procedure.
CS-Cart has built-in means of sensitive data encryption. For data transfer, it fully supports secure data transfer channels. At rest, the sensitive data is stored and encrypted in the database.
Secure coding and regular in-house penetration testing
Secure data transfer channels support
You can set a custom admin panel web address so that only you and your staff know it. That greatly reduces the risk of penetration.
Unique admin panel address
CS-Cart doesn't store passwords—password hash only. All the sensitive data is encrypted.
Safe data storage
If the core files of your CS-Cart installation are modified, you will immediately know about that.
File system consistency check
CS-Cart has built-it protection from SQL-injections (SQLi), cross-site scripting (XSS), and cross-site request forgery (CSRF)
Protection from hacker attacks
Every session is assigned to its user agent. If the user agent changes during the session, the session becomes invalid.
Session protection
You can set the minimum password length and how long it will work. Once the password expires it has to be reset.
Password strength and lifetime control
The logging system will tell you if there were any brute force attempts.
Authorization attempts control
CS-Cart and CS-Cart Multi-Vendor feature a powerful user role system out of the box. If you have several departments like the sales team, support team, designers, content makers, and other employees, you can allow each team to only access the features they work with and restrict them from accessing functionality they don't use.
In CS-Cart and CS-Cart Multi-Vendor, you can backup and restore all the data including the database. You can even set up automatic data backup via CRON. Full data export is also available out of the box.
Flexible user role system
Data backup, restore, and export
You have full access to the source code of CS-Cart and Multi-Vendor. You can read, modify, and control it.
Open source code
CS-Cart and Multi-Vendor feature built-in Google reCAPTCHA.
Built-in spam filter
Multi-Vendor has the vendor data pre-moderation function that allows you to view, approve, or disapprove vendors and their content and products before they appear on the marketplace.
Data pre-moderation

Company Security

Company security policy

We have a set of corporate security rules that every employee must strictly follow without exceptions.
icon speed

Employee security training

Once a year we perform a security audit in the company and make sure all the employees follow the security policy.
icon online

Security coding training

We perform a code review procedure for every task and use code analyzing scripts. Those scripts scan the code and discover code fragments that can be potentially insecure. Based on this data, we train our programmers to code securely.
icon safe

Non-disclosure agreement and security policy

Every employee signs these documents personally.
icon spending

The proven procedure of closing vulnerabilities

If a vulnerability is detected, we eliminate it in 3 steps:
1. Closing the vulnerability in the code
2. Releasing a hotfix
3. Sending the hotfix to our customers
icon clients

Corporate tools are always up-to-date

Every tool that we use in our everyday routine—from the development tools to the corporate messenger—we keep up-to-date.
icon loyal
We care about the security of our human resources and the company in general. This is as important as the security of the product itself. Our employees are well-trained in terms of security and data protection, and the tools we use every day are kept up to date.

Network security

Our internal resources are heavily protected from penetration.
icon spending

Passwords are safe

We use specialized enterprise-grade services to share and store passwords.
icon clients

2-factor authorization where possible

Our corporate accounts are protected with 2-factor authorization—this is obligatory for every employee.
icon loyal
vps hosting

Create a powerful protected marketplace now!

Whether you're about to build an eCommerce marketplace to expand your business online, to become a leader in your niche, or just to help local entrepreneurs go online, CS-Cart Multi-Vendor is the marketplace platform for you. Request a free personal demo to try it out.
vps hosting