Volusion understands that it isn’t good enough to build a secure ecommerce platform—it must be tested against real-world threats. In addition to ongoing testing by highly experienced security team members, Volusion engages with a leading organization to perform penetration testing every six months. Finally, Volusion partners with a leader in the bug bounty space to manage an ongoing program to reward independent security researchers (white-hat hackers) to identify and responsibly disclose vulnerabilities. To report any security issues, please email firstname.lastname@example.org.
Volusion uses a variety of methods to ensure that payments made on merchant stores are secure. Namely, our payments infrastructure is built on a Payments Orchestration platform that manages the entire payment process from start to finish. At all times, shopper data (including credit card data) is sent using military-grade encryption.
donePCI Compliance: Our platform has maintained compliance with the Payment Card Industry’s Data Security Standard (PCI DSS) since early 2006. Categorized as a Level 1 Service Provider, Voluison is held to the strictest level of compliance to the PCI DSS. You can request an Attestation of Compliance (AOC) here.
doneSSL Certificates: Every current pricing plan includes a 256-bit encryption SSL certificate, which is automatically installed when the store goes live. Merchants who prefer different levels of security/encryption may purchase other SSL certificates we offer or can purchase from a third party ($99 transfer fee).