Shopify Ecosystem

Security Best Practices For Ecommerce Merchants

security-best-practices-for-ecommerce-merchants

Being a successful ecommerce merchant requires great products and a strong brand identity. Ecommerce merchants are keen to deliver personalized experiences at every stage of their customer journey. Names, contact info, payment info, addresses, birthdates, and even info about customers’ pets now form the data backbone of most ecommerce stores. 

This has not gone unnoticed by cybercriminals either. According to the 2020 Trustwave Global Security Report, the retail industry was the most-targeted sector for cyberattacks (at about 25%) for the third year in a row. All this means that, unlike a traditional brick and mortar retailer, ecommerce merchants are now required to prioritize privacy and security in their technology investments. 

At Recharge, we’re proud to have grown up with our merchants. This has allowed us to learn and design a product that they can trust. Trust is a powerful word and for us, it means delivering on four key promises: Privacy, security, availability, and compliance. 

Putting your privacy first

To support the privacy goals of our global merchant community and partners, we’ve built a comprehensive set of policies that adhere to guidance from the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This includes clearly stating what information is collected, stored, accessed, and processed. These policies also outline our obligations to merchants and their customers so they’re empowered to expect the best from Recharge.  

Building security into everything we do

Privacy is nothing without robust security practices. At Recharge, we are proud of our dedicated 24/7 Security Operations Team and Product Team’s deep commitment towards a secure software development lifecycle. We believe security is a team effort, including vulnerability reporting through independent parties. In addition to utilizing the security features of Google Cloud Platform (GCP), we use modern data encryption techniques, network monitoring, and access management systems to ensure security is never an afterthought. 

Keeping your business online

To ensure resilience and availability of business-critical and merchant-facing services, we’ve operationalized a comprehensive business continuity and disaster recovery program. More importantly, we’re committed to accountability through transparency with our merchants and partners. Therefore, we maintain a publicly accessible status page where anyone can view the real-time availability, uptime, and incident status associated with our offerings. 

Adhering to industry standards

It’s not scalable and reasonable to expect merchants and partners to conduct in-depth technology assessments every time they’re selecting their technology partner. So we’re committed to making that decision easier by acquiring certifications and attestations that are recognized as industry standards. We’re currently certified as per Payment Card Industry Data Security Standard (PCI DSS), and recently completed our Service Organization Control (SOC2) Type I attestation report. 

As we continue to further strengthen our infrastructure and processes, we’re also taking important steps towards information accessibility by creating the Recharge Trust Center. Available on our public website, the Recharge Trust Center will act as a single location to discover and learn about all our commitments, latest policies, and additional information on our four key promises. We’re also working hard to make it much easier for merchants and partners to access relevant documentation through the Recharge Trust Center. 

These updates would not be possible without the trust placed in us by the thousands of merchants, partners, and the independent security researcher community. We look forward to more feedback from all of you and sharing the updates through our trust center.

Special thanks to our friends at ReCharge Payments for their insights on this topic.
I'm also on

Subscribe to Podcast

Top 1% most popular show out of 2,729,419 podcasts globally!

eCommerce Fastlane | Shopify Podcast For DTC Brands | Growth Marketing Strategy For Entrepreneurs | Listen Notes