At StoreHippo, we take security very seriously. We take several measures and run security audits from time to time to make sure your data is secure.
StoreHippo uses the world-leading cloud providers Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP) to run our infrastructure. All the platforms have stringent rules in place against any security breach in their data centres. In terms of compliance, these platforms are heavily compliant. Some of the standards they are compliant with are:
StoreHippo never stores credit card information on our servers. All credit card entries happen at our Payment Gateway partners, who are PCI-DSS compliant.
SQL injection is a nasty problem in RDBMS systems like MySQL. By using the NoSQL database MongoDB as the storage, StoreHippo gets rid of this problem effectively.
MongoDB avoids the potential for problems by not parsing query text. As a client program assembles a query in MongoDB, it builds a BSON object, not a string. Thus traditional SQL injection attacks are not a problem.
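
The difference between a query built as a BSON object and one built as a string can be seen at the byte level. The following is an added example, not StoreHippo's code or MongoDB driver code: it hand-encodes the string-only subset of BSON (the `email` field, the sample input and the function names are assumptions) and, as an extra check, accepts only string values.

```javascript
// Minimal BSON encoder/decoder for documents whose values are all strings.
// Field name and input below are constructed for illustration.
function encodeBsonStrings(doc) {
  const parts = [];
  for (const [key, value] of Object.entries(doc)) {
    if (typeof value !== "string") {
      // Bodies parsed from JSON can carry objects; accept plain strings only.
      throw new TypeError(`field ${key} must be a string`);
    }
    const keyBytes = Buffer.from(key + "\0", "utf8"); // NUL-terminated name
    const valBytes = Buffer.from(value + "\0", "utf8"); // value plus NUL
    const len = Buffer.alloc(4);
    len.writeInt32LE(valBytes.length); // length prefix, counts the NUL
    parts.push(Buffer.from([0x02]), keyBytes, len, valBytes); // 0x02 = string
  }
  const body = Buffer.concat([...parts, Buffer.from([0x00])]); // terminator
  const size = Buffer.alloc(4);
  size.writeInt32LE(body.length + 4); // total size includes these 4 bytes
  return Buffer.concat([size, body]);
}

// Reads values back by length prefix; no character in a value is special.
function decodeBsonStrings(buf) {
  const doc = {};
  let pos = 4;
  while (buf[pos] !== 0x00) {
    if (buf[pos] !== 0x02) throw new Error("only string elements supported");
    const keyEnd = buf.indexOf(0x00, pos + 1);
    const key = buf.toString("utf8", pos + 1, keyEnd);
    const len = buf.readInt32LE(keyEnd + 1);
    const start = keyEnd + 5;
    doc[key] = buf.toString("utf8", start, start + len - 1);
    pos = start + len;
  }
  return doc;
}

// For contrast: the same input concatenated into statement text.
function buildSqlText(email) {
  return "SELECT * FROM users WHERE email = '" + email + "'";
}

const input = "x' OR '1'='1"; // constructed input containing quotes
const wire = encodeBsonStrings({ email: input });
console.log(buildSqlText(input)); // the input's quotes become statement syntax
console.log(wire.toString("hex")); // one string element, length-prefixed
console.log(decodeBsonStrings(wire)); // value comes back byte-for-byte
```

In the BSON form the value's boundaries are fixed by the length prefix, so the quote characters are ordinary data; in the concatenated SQL text they are read as delimiters.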
We use the latest AngularJS for our front end, which provides built-in security measures against several attacks like XSRF/CSRF. All of our themes are designed to avoid XSS attacks.
Moreover, the StoreHippo theme framework relies heavily on declarative programming in HTML and requires very minimal JavaScript coding. That saves time and reduces the possibility of bugs related to flawed coding.