eCommerce SaaS Platform Security

Protecting the information stored in your eStore is of primary importance to us, that's why we perform regular security scans and are Payment Card Industry Data Security Standard (PCI DSS) compliant. In addition, we handle your Secure Sockets Layer (SSL) certificates (including Extended Verification SSL) to keep your transmissions private.


Privacy and Payment Card Industry (PCI) Compliance

OrderDynamics is Personal Information Protection and Electronic Documents Act (“PIPEDA”) and PCI-DSS compliant. PIPEDA is a law that governs how private sector organizations collects, uses, and discloses personal information. PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures.


Logical Security

OrderDynamics has many layers of logical security controls to isolate and protect customer information. At the network level OrderDynamics employs the latest VLAN and Port Security systems and a Network Intrusion Detection System (IDS) to proactively manage network threats. The application is implemented in a fully isolated security context that is separated and secured by process, file, folder, and database. Within OrderDynamics, our roles-based security model provides granular levels of security controls for retailer user access. The platform is backed up throughout the day over a 30 day backup policy with offsite archive. OrderDynamics also maintains a Disaster Recovery environment 60 km away from its primary datacenter location.


SaaS Platform Security Features:

  • Payment Card Industry (PCI) Data Security Standard (DSS) Level 1 Compliance
  • Personal Information Protection and Electronic Documents Act (“PIPEDA”)
  • Multi-Layered Fraud Detection Systems & Third Party Tools
  • 24x7 Uniform Guard, Facility person traps, Close Circuit TV Cameras
  • Locked Cabinets and Cages for Datacenter Infrastructure
  • Latest Layer 2 and Layer 3 Network Security Controls
  • Host and Network Intrusion Detection Systems (IDS)
  • Encrypted and controlled access to stored cardholder data
  • Secure Sockets Layer (SSL) Transmission w/ Extended Validation (EV) available
  • Secure HTTPS Web Services & APIs with Authentication for Integration
  • Application and database Isolation via user security context
  • Roles-based security model for Retailer user access
  • Routine Security Scans and Penetration Tests
  • Daily Backup with 30 Day offsite archive
  • Disaster Recovery Environment

Back to On-Demand Platform