How we secure your credit card information
How does ECBlend secure my credit card information?
We never see your card number.
We use Authorize.net as our processor/gateway and do not have access to and do not store any credit card information on our websites or any of our systems. (Authorize.net is one of the largest, most trusted gateways and processors) Link: https://www.authorize.net/about-us.html
Our Accounting Managers have access to Authorize.net for the purpose of refunds, voids, reconcile payments, or to investigate issues. This access allows ECBlend Accounting Staff to only view the last 4 digits of a card number.
HOW IT WORKS
ECBlend is fully PCI compliant.
The credit card transaction with the card number is between the Customer-to-Authorize.net-to-CustomersBank/ccCompany. ECBlend is not involved in the data transfer in any way. Once the payment is approved by their ccCompany/Bank, we receive an authorization code as Approved and fulfill the order.
- Customer inputs card into eCommerce system (Big Commerce. ECBlend does not have access to see this card number)
- eCommerce transmits to card gateway/Processor
- Gateway/Processor contacts your credit card issuer who authorizes the transaction
- Gateway/Processor sends authorization code to eCommerce system
- eCommerce system sends approval to ECBlend, creates the final invoice and sends invoice to customer.
- ECBlend fulfills the order.
Link to Big Commerce eCommerce Security: https://www.bigcommerce.com/ecommerce-answers/credit-card-authorization/#:~:text=The%20merchant%20sends%20a%20request,the%20cost%20of%20the%20sale.
STORING CREDIT CARDS by Big Commerce
As a convenience to our customers, we interface our eCommerce system with Authorize.net, allowing the use of the Store Credit Cards feature. ECBlend still does not have access to your card information. Your card information is stored on Authorize.net's secure systems for easy access and is not available to ECBlend employees. The stored information is retrievable only by you when you log on.
In the case of phone orders, our Customer Service agents will request a credit card number in order to complete the payment. In this case, it is with full knowledge and consent of the customer. (We only access phone orders where there may be an 'access' issue (i.e. customer does not have internet access, etc).
What Is PCI Compliance?
Payment card industry (PCI) compliance is mandated by credit card companies to help ensure the security of credit card transactions in the payments industry. Payment card industry compliance refers to the technical and operational standards that businesses follow to secure and protect credit card data provided by cardholders and transmitted through card processing transactions. PCI standards for compliance are developed and managed by the PCI Security Standards Council.