ACS Payment Management

ACS has accounting and financial tools that serve as the solid foundation for your growing business. A host of cost-management tools will also help to guide your profitable growth.

ACS exceeds the stringent requirements of Visa's PCI & CISP programs to ensure maximum security with your sensitive financial data and information.

Visa's Cardholder Information Security Program (CISP) was created to define a security standard for all merchants that process, transmit and store Visa Cardholder information. This program is more than simply meeting a one-time compliance standard, there is also an ongoing compliance validation required.

This ongoing validation is designed to identify and correct any potential security vulnerabilities and to ensure the highest levels of security are maintained.

The Payment Card Industry (PCI) Data Security Standard is the result of a partnership between Visa and MasterCard and has been endorsed by every major credit card provider operating in the U.S. This standard was created to define a series of best practices when processing, transmitting and storing credit card information. PCI compliance is a requirement of CISP.

ACS, with its network of enterprise partners, is one of the first eCommerce Platform Solutions to provide a completely PCI/CISP certified systems from start to finish.

Our industry leading eCommerce Platform Solution was created with security in mind! ACS has always striven to provide the most secure shopping experience possible and compliance for both PCI certification and CISP compliance.

By taking advantage of ACS eCommerce Platform Solutions, your business automatically conforms to the Credit Card Industries stringent compliance rules. This means you can spend your time on important tasks to grow your business without worrying about system security and industry compliance issues.

ACS supports a variety of payment methods including credit cards (Visa, MasterCard, Discover, AMEX), eCheck, PayPal, Google Checkout Purchase Orders etc.

ACS currently supports most major payment gateways for credit card and direct bank transactions (including Verisign, Authorize.Net, Chase Paymentech, ITransact, LinkPoint, PSiGate, FAST Transact, DPS Payment Express, protx, WorldPay, YourPay, CyberSource etc. )

  • All major credit cards supported
  • eChecks
  • Cash On Delivery type Generic Payments
  • Purchase Order
  • Gift Cards
  • Full PCI Level 1 compliance (PCI-DSS audited and certified clients)
  • Custom Payment Gateway (get billing information for manual offline processing) or Generic Payment
  • All major payment gateways including Authorize.NET, Cybersource, ProtX etc. supported
  • PayPal
  • PayPal Express Checkout
  • PayPal Website Payments Pro
  • Google Checkout
  • Payment Transactions in multiple currencies and languages
  • CVV support
  • ASP.NET Membership Module for User and Role Management
  • 3-Tier Architecture for maximum data in transit protection using SSL at Application and Web Server tiers
  • Independent security audit by Trustwave for Software Configuration Management, Secure Coding Practices and Encryption Technology, Validating parameter length that could lead to a Buffer Overflow, Memory and Disk Exception Handling, Application Exception Handling, Cookie manipulation / Cookie Poisoning, SQL Injections, Cross Site Scripting Attacks, SSL Version Hacking, Data In Transit attacks, Penetration Test, Load and Penetration Tests, Multi Geographic attacks etc
  • Dedicated SSL Certificate support
  • Password management using ASP.NET membership provider
  • Customer access management (deactivate/lock a customer or user)
  • No PAN storage for PCI-DSS certification
  • Fully secure and SSL protected access to the store administration module
  • Fraud Management
  • AVS protection available with payment gateways
  • PCI compliance significantly reduces shopping cart reduces abandonments by delivering trust that customers can complete their purchase seamlessly and securely
  • Direct checkout without storefront registration
  • Customers can choose from various payment options configured by the store administrator
  • The store administrator can configure which credit card types can be accepted and use supported payment gateways
  • Customers can purchase gift certificates in any amount permitted by the store. Both purchase and redemption of gift certificates can be entirely online. Customers can use the certificate like any other form of payment
  • Trustwave, McAfee Security Integration for real-time PCI Scan Testing with client references

What is PCI?

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Essentially any merchant that has a Merchant ID (MID).

The Payment Card Industry Security Standards Council (PCI SSC) was launched on September 7, 2006 to manage the ongoing evolution of the Payment Card Industry (PCI) security standards with focus on improving payment account security throughout the transaction process. The PCI DSS is administered and managed by the PCI SSC (, an independent body that was created by the major payment card brands (Visa, MasterCard, American Express, Discover and JCB.).

The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.

The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.

A copy of the PCI DSS specification is available here

To whom does PCI apply?

PCI applies to ALL organizations or merchants, regardless of size or number of transactions, that accepts, transmits or stores any cardholder data. Said another way, if any customer of that organization ever pays the merchant directly using a credit card or debit card, then the PCI DSS requirements apply.