CRE Secure Payments Attains Level 1 Service Provider Status with Payment Card Industry Data Security Standards (PCI DSS)

Share Article

New PCI Compliant Payment Acceptance Service seamlessly delivers full PCI DSS compliance to online stores and web applications without sacrificing the existing store’s ‘look and feel’.

CRE Secure (, the first cloud-based payment security system, is pleased to announce certification of full compliance with the PCI Data Security Standard as a Level 1 Service Provider. The Payment Card Industry Data Security Standard (PCI DSS) requires all large merchants and service providers involved in the capture, storage and processing of credit card transactions to engage certified auditors to perform assessments of security controls. The assessment requires external vulnerability scans, verification that all cardholder data is encrypted, and verification that all systems and networks are securely configured. The audit also ensures that Secure Socket Layer (SSL) security is employed for access to, and transmission of, all cardholder data among many other controls.

This comprehensive onsite assessment was conducted by a leading provider of PCI DSS assessment services, Coalfire. As a PCI-certified QSA, Coalfire provides comprehensive security assessments of the data security standard to level 1 merchants, and level 1 and 2 service providers, resulting in a documented Report on Compliance (ROC). The ROC provides independent validation of compliance to customers, card brands and acquiring banks. CRE Secure Payments understands the need for all of its merchants' business ecommerce transactions to be safe and secure and has committed to the annual onsite PCI data security assessment and quarterly network scans required for compliance.

“The number of identity theft victims has increased to more than 10 million per year. This statistic is staggering, but PCI compliance helps prevent this heinous crime, which not only affects millions of people, but costs businesses and consumers millions of dollars per year”, said Greg McGraw, president and chief executive officer of CRE Secure.

Kennet Westby, chief operating officer and co-founder of Coalfire, agrees, “As a Level 1 service provider that collects payment information, CRE Secure has established controls to protect transaction privacy while securing transactions for its clients. By investing in secure facilities and innovative transaction processing systems, the company has reduced the risk for its clients and their customers”.

PCI compliance is a worldwide security standard created by the Payment Card Industry Security Standards Council, which includes MasterCard, Visa, American Express, Discover, and JCB International. It is a set of security standards that is enforced to protect credit cardholder information. CRE Secure is a participating member of the PCI Security Standards Council.

About CRE Secure Payments:
CRE Secure Payments is a cloud-based secure Internet payment processor and a wholly-owned subsidiary of venture-backed Chain Reaction Ecommerce, Inc., a leading open source ecommerce software solutions provider to online stores. CRE Secure Payments maintains PCI PA-DSS certified payment modules for many leading ecommerce shopping carts distributed worldwide and provides secure PCI-compliant hosted payment processing solutions using patent pending technology and through its partnerships with the top global gateways, like PayPal and and merchant acquirer banks. For more info, visit or call (800) 609-2141.

Download a PDF copy.

Click here to view Visa's updated list of PCI DSS compliant service providers.

About Coalfire:

Coalfire Systems, Inc. is a leading IT audit and compliance firm that provides IT audit, security, and compliance solutions throughout North America. Customers are in the financial services, government, healthcare, education, legal, public electric utility, and retail industries. Coalfire's solutions are adapted to requirements under emerging data privacy legislation including PCI, GLBA, HIPAA, NERC CIP, SOX, and FISMA. Coalfire is a Qualified Security Assessor (QSA) that conducts 750 assessments annually. For more information, visit or call (877)224-8077.

# # #

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Michael Fuller
CRE Secure
404-961-9840 ext. 6842
Email >

Steve Antzcak
CRE Secure
404-961-9840 ext. 6843
Email >
Visit website