Demandware (www.demandware.com), developer of the breakthrough On-Demand eCommerce platform, today announced that it is the first and only eCommerce platform provider to achieve Payment Card Industry (PCI) Compliance certification for the latest version of the standard, PCI Data Security Standard (DSS) version 1.1. This new standard sets more stringent requirements for hosted providers handling and processing credit card data on behalf of third parties. Demandware has partnered with Security Metrics to perform the on-site audit of the Demandware eCommerce Platform.

According the Federal Trade Commission, credit card fraud (25%) was the most common form of reported identity theft in 2006. More than $48 billion was lost by financial institutions and businesses in that year due to identity theft, and $5 billion lost by individuals.

By working with Demandware, retailers are assured that their eCommerce platform provider enables their businesses to adhere with PCI standards for data security and reliability and avoid jeopardizing important customer data and hefty fines. The Payment Security Standards Council has mandated that a company processing, storing, or transmitting credit card numbers must be PCI Data Security Standard (DSS) compliant or risk losing the ability to process credit card payments through the major credit card companies. Organizations that fail to comply risk not being allowed to handle cardholder data and fines up to $500,000 if the data is lost or stolen.

"Now more than ever, it’s critical that companies take every measure possible to protect the security and integrity of their customer data," notes senior security analyst and certified information system security professional (CISSP) Gary Glover at Demandware’s security partner Security Metrics. "By partnering with Demandware, customers can have confidence that their ecommerce businesses can be compliant with the highest standards of integrity and security."

Demandware Only Provider to Meet New Mandatory PCI Standards for Hosted Commerce

Demandware has met the PCI DSS version 1.1 set of comprehensive requirements for enhancing payment account data security, developed by the founding payment brands of the PCI Security Standards Council, including American Express, MasterCard Worldwide and Visa International, to help facilitate the broad adoption of consistent data security measures on a global basis.

The PCI DSS version 1.1 is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. Demandware has proven it can meet the rigorous PCI Compliance standard to help organizations proactively protect customer account data.

"Adhering to PCI standards is of the utmost importance for all retailers," said Wayne Whitcomb, vice president of engineering and technology at Demandware. "Demandware recognizes this, and gives our customers the peace of mind of a secure online platform."

About Demandware, Inc.
Demandware drives the success of high-growth brands with its breakthrough On-Demand eCommerce Platform+ that empowers merchandising and marketing talent with total control over the shopping experience and continuous competitive differentiation. Leading brands such as Bare Escentuals, Playmobil, and Playboy leverage Demandware's best-in-class eCommerce functionality and automatic upgrades to help achieve higher conversion rates, increase average order size, and improve customer retention. Demandware is the only on-demand ecommerce solution that enables the rapid rollout of new sites, provides ubiquitous access to business and technical users, and is backed by a patented grid computing architecture that delivers capacity as needed for performance and reliability that exceeds industry standards. For more information about Demandware, visit www.demandware.com, call 888 553 9216 or info@demandware.com.