R&L Merchandise's PCI compliance integration protects your data.

Highest available security

 Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1.  This is the most stringent level of certification available in the payments industry. To accomplish this, Stripe makes use of best-in-class security tools and practices to maintain a high level of security at Stripe.

Http:// versus Https://

If you really wanted to, you could read for days in order to discover the differences betwen the two, but simply put the 'S' stands for 'Secure'.


This means all commincations between your browser and R&L Merchandise is encrypted, by our SHA-2 and 2048-bit Secure Socket Layer (SSL) encryption protocol, the strongest website encryption on the market today, and is virtually uncrackable.


If you use a web browser such as Internet Explorer, Firefox and Chrome you will notice a padlock icon in the address bar to visually indicate that R&L Merchandise has a HTTPS connection in effect.

external link: how ssl works

Compliment of Security Protocols

Some may think an online store, or any website is safe as long as the web address begins with 'https', but that is not the case.


SSL certificates, even our 2048-bit encryption is only the first tier of the security and assurance we owe to our customers.  Our SSL certificate protects your data from interception while you are entering it in our Checkout Cart, and from there our compliment of 3rd party security protocols ensure the further protection of your financial and personal data.


You see, R&L Merchandise does not receive or store your financial information.  Our Checkout Cart may have the 'face' of our store, but in actuality you are entering your data directly into Stripe or Paypal, based on which Payment gateway you choose to process your checkout with.


Think of it in this brick and mortar store scenario. You walk into Bob's Florist to purchase a nice bouquet of flowers, and when you go to the register to pay, Bob tells you he does not process payments, but he has an unaffiliated 3rd party Banker standing next to him with a credit card terminal. That Banker swipes your card, and tells Bob that your payment has cleared. Bob says 'thank you for shopping at Bob's Florist", wraps your purchase and wishes you a good day.  Per the bank's schedule, Bob receives your payment a few days later.


You leave confident, knowing your financial information is secure, because you are aware of the bank's reputation and ability to protect your data.


This is a simplification, but accurate example of how our compliment of security protocols, and our use of 3rd party payment gateways ensures the safety of your personal and financial information.

Stripe PCI-DSS Audit

As a 3rd party Auditor, Visa has determined the Stripe payment gateway to be a PCI Service Provider Level 1, the highest attainable standard to date.  

External link: goto visa to review the current certification

PCI-I Compliance Standard

The Payment Card Industry Data Security Standards (PCI-DSS) sets pci compliance requirements for PCI-1 through PCI-4.


Stripe meets the highest standard available.


Below you may review additional info about the compliance levels, and why our choice to incorporate Stripe into our business plan was a wise one.

External link: Goto PCI Security Standards Council to review more

Paypal PCI-DSS Audit

 As with Stripe, Visa has determined the Paypal payment gateway to be a PCI Service Provider Level 1 payment processor.  

External link: goto visa to review the current certification