OS Commerce and NELiX TransaX A Match Made in Heaven

OS Commerce is a wildly popular e-commerce platform. Why so popular? Two reasons:

1) It's free. Of course, nobody can argue with that!
2) It's open source.

Developers love open source. It allows them to get into the application and customize it to meet the specific needs of their clients. Many e-commerce platforms are proprietary - meaning that they cannot be customized beyond the feature set that the e-commerce vendor makes available.

Every client is different. No two clients - regardless of whether they are in the same industry, sell the same products, sell to the same set of customers, etc - will have the same needs. This can be a problem in a proprietary system - usually the vendor will have to be contracted to make the customizations if they allow them at all. If the vendor does not allow customizations, the merchant is stuck with manual labor, or "work arounds" to get their specific needs met.

With an Open Source platform, such as OS Commerce, this is not an issue. Developers can easily get into the code and make the changes necessary to exactly meet the needs of their clients. No manual labor, or work arounds, required. So what's the downside? Up until recently, there has not been much of a downside.

As the Internet has evolved, so have Internet related crimes. Fraud and Identity Theft being two Internet crimes that have been a major problem. In response the Bankcard Associations - Visa and MC - have come out with the PCI DSS (Data Security Standards). These dictate the rules for doing business on the Internet. These rules state that all systems that are involved in a credit card transaction over the Internet be PCI compliant.

If you have a proprietary system with 100,000 installs, Visa/MC looks at that as one system that they must audit. One audit serves 100,000 customers. PCI Audits are expensive. However, you have economies of scale here and the shopping cart Vendor can foot the bill for PCI compliance and leverage the costs over all of their customers.

If you have an open source system, with 100,000 installs, all of which have been modified to meet the specific needs of that customer, Visa/MC looks at that as 100,000 systems they must audit. A PCI Audit is expensive. Therein lies the problem.

Where does NELiX TransaX come into the picture? Our gateway is fully PCI Compliant and Audited. Payment processing through the NELiX TransaX Payment Gateway is easy to install in OS Commerce. Additionally, OS Commerce developers can further modify the system to take advantage of our Customer Vault. The Customer Vault allows users to push all credit card data to our PCI compliant gateway, and store no sensitive card holder data in the database.

The NELiX TransaX OS Commerce module is included in NELiX TransaX FleXport.

More information on FleXPort can be found here.
More information on PCI Compliance can be found here.