An order management software (OMS) company faced multiple challenges in its effort to protect card data that flowed through its customers’ shopping carts. Many of the problems stemmed from the litany of gateways, payment processors, and shopping carts this OMS was supporting. In particular, payment data passing through open-source shopping carts had proven vulnerable.

The multi-vendor environment along with the scope and complexity of security resulted in a hefty investment of money and resources to keep customer payment data secure. Even with the investment, one of its customers experienced an e-commerce data breach. The situation needed an immediate resolution to prevent other customers from experiencing a security breach and protect this company’s reputation in the industry.

Keep customers’ payment data secure

Simplify PCI compliance

Cut costs and resource time

Our strategy was to eliminate the vulnerability at the cart level by creating a secure environment. This involved introducing a secure hosted page into the OMS environment to receive payment information directly from shopping carts. Thus, removing sensitive data entirely from non-compliant carts on customers’ websites.

Then to ensure a seamless integration of the secure hosted page with the software platform, our solution included development of a shopping cart plug-in.

Impact to the OMS and its Customers

  • Ability to drastically reduce the time and costs of keeping environment compliant and customer data secure
  • Mitigation of customers’ risk of a data breach by removing valuable payment data from their websites
  • Simplification of the PCI compliance process