Back to Table of Contents

SSL Settings and PCI Compliance

InfusedWoo and PCI Compliance

If you want to know what is PCI Compliance, you can check this website.
https://www.pcisecuritystandards.org/security_standards/index.php

And this is summarized in infusionsoft:
http://ug.infusionsoft.com/article/AA-00587/0/What-does-Infusionsoft-do-to-keep-credit-card-information-secure.html

Infusionsoft's payment system is PCI compliant and that would make the plugin InfusedWoo 80% PCI Compliant because it uses Infusionsoft payment processing and data encryption.

The other 20% still needs to be assured to make it PCI compliant are the following, which is handled by InfusedWoo:

Secure transmission, storage, and disposal of payment card data - InfusedWoo send information to infusionsoft directly and does not store customer's credit card and CVV or send it on any other 3rd party server. Transmission of information is also secure. The Infusionsoft API uses CURL to transfer data through a secure SSL connection. Infusionsoft SDK libraries will be updated regularly ensure security when transmitting data to infusionsoft.

Provide secure hosting - This is a responsibility of the site owner. You need to make sure that they are checking out on a secured web page with SSL certificate. If this is not installed on your server, InfusedWoo will give alert in the wordpress admin dashboard. See "Enabling Secure SSL Checkout" below to see how to set this up.

Most importantly, once you get license of the plugin, you can always check the codes in the plugin or hire a web security expert and see if it follows the PCI standards. The InfusedWoo License owner, may change or customize the plugin and may also cause the plugin to violate the PCI Compliance. When customizing InfusedWoo, the license owner is the one responsible of making sure that the customizations done complies to the PCI standards.

Enabling Secure SSL Checkout

Enabling Secure SSL Checkout
Zoom

Before enabling Secure SSL checkout in InfusedWoo, you need to make sure first that SSL is installed to your domain. If SSL is not installed to your domain or you're not sure whether SSL in installed or not, then you need to contact your site administrator or your host support line to have SSL installed. SSL installation might take time as it sometimes requires some changes to your DNS settings.

Once SSL is installed to your domain, then you only need to enable this settings in woocommerce to allow secure checkout to your customers. To do this, go to Woocommerce Settings and tick "Force secure checkout". See the screenshot above