24/7 Support: 800.608.6482

Get Started

Reference Guide

Appendix 1: Best Practices for Managing Credit Card Data

A portion of the PCI-DSS (Payment Card Industry Data Security Standard) relates to encrypting your payment data. In most cases you are required to meet these standards, although they are also considered best practices:

  • Enable encryption in your store. After you enable encryption, payment information on new orders will be encrypted.
  • Encrypt existing payment information. If you have existing orders with unencrypted payment information, you have to encrypt the payment information on those orders.
  • Delete payment information from orders. PCI has several requirements for when you should delete payment information:
    • It is never acceptable to keep unencrypted credit card numbers in your database, even temporarily.
    • You should not keep credit card data longer than you need to. For example, the PCI standards let you keep credit card information to cover your return policy, or if you sell custom products that may be paid for in installments. However, you should delete credit card information when you no longer need it to process or refund an order.
    • Under no circumstances should you store payment information in your database for more than 1 year.
    • You may never store the entire stripe data (which includes the CVV code) even if it’s encrypted.

Looking for Developer Docs?

We have a whole section for that, including: Developer Training Series, Template Language docs, Module Development tutorials and much, much more.

Head to the Developer Section

Miva believes that all online businesses should have access to a scalable ecommerce platform that can meet their unique business requirements. Miva offers PCI compliant ecommerce, hosting, and custom website design and development solutions. Miva customers have processed over $100 billion in online sales since 1997.

Copyright © 2016 Miva, Inc - All Rights Reserved   Privacy Policy | Store Policy

Links
Contact Us
Receive Tips & Updates

Copyright © 2017 Miva, Inc - All Rights Reserved

Back To The Top