PCI DSS (Payment Card Industry Data Security Standard) is an information security standard for organizations handling cardholder information for popular credit and other payment cards. All companies which store, transmit, or process cardholder information must be certified to do so in accordance with the requirements of PCI DSS. See more details on the official PCI DSS website and in Wikipedia.

Do I have to pay for the expensive PCI DSS certification if I'm using Shop-Script 5?

No, you don't! Shop-Script 5 does not store, transmit, or process cardholder information and, thus, is not subject to certification required by PCI DSS. All payment plugins for accepting bank cards in Shop-Script 5 are functioning in such a way that cardholder information is never submitted via your online storefront, but rather on a special secure page of the appropriate payment system or gateway. Therefore, PCI DSS certification must by handled only by that payment system and not by your online store. In Webasyst Store there are no payment plugins, which may require certification for compliance with PCI DSS. Should such a plugin be published there in the future, its description will explicitly state the necessity of such certification.

The certification is required only in the case when you want your customers to be able to submit their cardholder information directly on your website. The certification procedure is rather lengthy and expensive, and is performed by specially authorized QSAs (Qualified Security Assessor).

McAfee SECURE. About information security in Shop-Script 5 and Webasyst Cloud

McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Even though PCI DSS certification requirements are, formally, not applicable to Shop-Script 5 and our other products, that does not diminish the importance of continuous security testing of the Webasyst framework and individual applications. During the development, we pay a great deal of attention to ensuring a high security level for our products.

We have been cooperating with McAfee, the certified ASV auditor (Approved Scanning Vendor), for a long time and we perform daily testing of the Webasyst Cloud and all products working on it: Shop-Script 5 as well as Blog, Photos, Site apps, etc. An automated routine every day performs pen-testing of our products and server resources by checking them for availablility of security breaches or vulnerabilities, such as SQL injections, XSS, etc.

The scanning report witnesses full compliance of the Webasyst Cloud service, and all software products it offers, with the requirements of PCI DSS: view McAfee Compliance Report in PDF.

Blog app has been updated to version 1.2.0. In this release we have implemented many useful features, which will make your online blogging experience more convenient and pleasant:

  • Overdue post reminders. If you have planned to publish a post on some date in the future, the app will automatically remind you on that very day, or on the day before, or several days before the due date (according to your setup).
  • A plugin for editing blog posts using the Markdown syntax has been released (available in the Installer).
  • Convenient editing of META tags and TITLE tags of blog posts.
  • A completely new HTML source editor (Ace).
  • API for the Blog app.
  • Option to import news from WebAsyst Shop-Script added to “Import posts” plugin.
  • Enhanced overall performance.
  • Multiple UI improvements and bug fixes.

You can install this update for the Blog app in your Installer, as usual.

1 comment

In section “Help & Support” we have published a how-to article about conducting A/B testing of your online storefront powered by Shop-Script 5 using Google Analytics: http://www.webasyst.com/help/323/shop-script-5-a-b-testing-google-analytics/

The point of A/B testing is alternate displaying of various versions of some website page or design element (“version А” and “version B”) to different visitors to find out which of these versions yields the best effect for your business; e.g., more orders, higher average order price, longer website visit duration, lower bounce rate, etc. In the article we have described placing different product lists in the homepage, but you can actually test very different elements in the same way, from the appearance of the “Add to cart” button to the exact location of the login link to enter customer's account. You may conduct A/B testing both in the Shop-Script 5 storefront and in the frontends of other Webasyst apps: Site, Photos, Blog. To give you a real example, on our website at shop-script.com, powered by the Site app, we sometimes carry out A/B testing exactly as described in the article.

Webasyst Framework has been updated to version 1.2.0. This update features multiple system and backend UI improvements. Site and Photos apps have been updated with many new useful features.

Webasyst Framework 1.2.0

  • All-new HTML-editor for pages and design templates (Ace)
  • Improved design theme installation routine: Webasyst Store themes can now be installed directly from the design editor
  • Overall stability improvements, multiple minor UI tweaks, bug fixes

Site app 2.1.0

  • All-new HTML-editor (Ace), the ability to install Webasyst Store themes directly from the design editor
  • Multiple backend UI improvements
  • Improved routing management tool
  • Added the ability to make certain pages in the page tree folded, which makes managing large hierarchical websites even more convenient
  • Multiple minor tweaks and bug fixes

Photos app 1.1.0

  • Public Gallery plugin which turns Photos app into a public photo gallery where every registered user can upload photos in the frontend and vote for photos uploaded by other users (plugin is installed via the Installer app)
  • API for the Photos app
  • Multiple backend UI improvements
  • Thumbnails: added the ability to customize JPEG compression quality for thumbnail generation routine

We are on the homestretch to the complete transition from the previous generation of WebAsyst software to the new Webasyst framework!

Yesterday we rolled out a new version of our website dedicated only to our modern development platform (framework) and products developed on its basis: Shop-Script 5, Mailer, Blog, Photos, and other apps.

On the new website we have opened our Webasyst store at www.webasyst.com/store/, where we offer all our apps, plugins, and design themes available for installation via the built-in Installer app. The store currently contains only products developed by our company, and it is not yet available for third-party developers; this is the next task we are working on. Webasyst store will be opened for third-party developers during the fall of 2013!

Also, on the new website we have a new “Support & Help” section offering combined functionality of a forum and and an open knowledge base. You are welcome to post questions and participate in discussions! By the way, this section is powered by our new Hub app, which will be released for public use a little later.

In the developer documentation we have new sections with descriptions of API methods and plugin hooks.

old.webasyst.net

The old website of the previous WebAsyst generation is now available at old.webasyst.net.

With the website update, sales of old WebAsyst apps will be closed in several days, on September 17th, 2013. After that date, previous versions will not be available for ordering any longer. So, if you were planning to use some of old products for your projects, please consider ordering additional licenses now while there is such an opportunity. Previous versions of Webasyst apps can be ordered in your Customer Center or at old.webasyst.net.

Customer support

Technical support will be rendered to all users of previous Webasyst versions without any limitations.

Old apps descriptions, knowledge base & user manuals, forum

All contents of the previous webasyst.net website have been moved to old.webasyst.net. There you can find all useful information about previous versions of WebAsyst products.

WebAsyst online services (name.webasyst.net)

The option to sign up for new accounts has been disabled but all existing paid accounts will continue to operate as before; we are not planning to close them down.

As an alternative, we offer you our cloud service for using Webasyst framework based applications in a similar fashion.

Referral & reselling programs

Because applications based on the previous Webasyst platform will soon be no longer available for ordering, the referral and reselling programs will be closed automatically, too.

All accruals for completed orders will be paid to referral partners in accordance with the terms and conditions of the partnership program.

Resellers will retain the right to transfer all purchased licenses to their clients, as before, in their Customer Center accounts even after the sales are closed.

If you have further questions, please post them in the comments.

The latest Webasyst update addresses security issues and features a few Shop-Script 5 improvements:

  • Limits the use of certain potentially insecure PHP functions in Smarty design templates.
  • New field type “Checkbox” added to the Shop-Script’s checkout contact form settings screen.
  • Caching disabled for the shopping cart page.
  • Fixed saving of product features.
  • Fixed errors in the sales report.
  • Improved operation of method $wa->shop->categories().
  • Fixed erroneous adding of subcategories of a hidden parent category to the Sitemap file.

Another update has been released for Shop-Script (major version 5.1.9 was not changed). New in this release:

  • “Include products from subcategories” parameter is now applied to the backend. When a parent category with this parameter enabled is being viewed in the backend, then products residing in its subactegories are displayed in a lighter color than those contained in this parent category.
  • Resizable left sidebar in “Products” backend screen. Adjustable sidebar width will be convenient for online stores with deeply nested subcategories of the category tree. To resize the sidebar, hover your mouse cursor over the sidebar to make the resizing control with arrow buttons appear at its bottom.
  • Increased size of the category settings dialog.
  • Added new plugin hooks including backend_settings_discounts and order_calculate_discount; use of these hooks will allow plugin developers to add custom discount calculation options with their own settings screens in addition to the default discounts.
  • Minor bug fixes.

I'm excited to announce that several new shipping rate calculation and a payment gateway plugins are available for installation via the Installer app:

DHL

Canada Post

Australia Post

CHASE Paymentech

Sage Pay

Every plugin can be installed for Shop-Script 5 via the Installer app — for free, with just a single click in your Webasyst backend.

Below is the current list of shipping and payment modules available for the international market:

  • Cash (module for receiving payments directly in cash)
  • 2checkout
  • Authorize.Net SIM
  • PayPal (Standard Integration)
  • WorldPay
  • CHASE Paymentech
  • SagePay
  • FedEx
  • UPS
  • USPS (with shipment tracking support)
  • DHL
  • Canada Post
  • Australia Post
  • Flat rate (fixed rate shipping option)
  • Courier
  • In-store pickup (configurable unlimited list of points of delivery with optional individual surcharge setting)

In August 2013 we shall perform the final transition to Webasyst framework from its predecessor, the WebAsyst.net application family. We shall continue to render technical support to users of all WebAsyst.net products, but after August 2013 those products will not be available for purchase any more.

If you were planning to purchase any of WebAsyst.net apps, now it is the best time to do so! During July—August 2013 we will be offering the most generous discounts ever (up to 83%!). Learn more about this special offer at http://www.webasyst.net/the-final-sale.html

Switching over to the new framework will allow our team to focus fully on the development of new Webasyst products to make the framework grow even faster!

Shop-Script has been updated to version 5.1.9. New in this release:

  • Integration between Shop-Script 5 and Webasyst-powered websites, and Facebook:

    This integration is based on the use of a special design theme family, which makes your storefront (website) appear as an ordinary Facebook page and allows you to embed your website as an iframe application in the social network.

    The demo Facebook app is available at http://apps.facebook.com/webasyst-demo/

    It is very easy to embed your website or storefront in Facebook; here is what you need to do so:

    1. Install the free "Facebook" design theme with one mouse click using the Installer in your Webasyst backend.
    2. Create hidden settlements for Webasyst applications, which should be available at an individual URL; e.g., /facebook/*).
    3. Register a new application in the social network and copy&paste its App ID to the index.html template in your design editor to enable automatic user authorization.

    The detailed manual on setting up the integration is available at http://www.shop-script.com/help/facebook/.

  • Optimized backend screens for large lists (over 1000 items) of product types and features
  • New type of product features: "Yes/No" flag
  • USPS shipping rate calculation module: new features based on integration with USPS Web Tools APIs:
    • real-time shipment tracking: information on the current shipping status is displayed directly in the order-viewing page in your backend.
    • shipping labels: USPS printable forms for registering and sending USPS shipments directly from the Shop-Script 5 backend.
  • Payment module for integration with payment system WorldPay
  • Several new methods of the Shop-Script API for product management