Security & Trust

Built for secure commerce

We protect merchant data, enforce tenant isolation, and deliver layered security across the platform — so you can grow with confidence.

Visit Help CenterContact Support
Platform Protections

Security is built into every layer

We combine technical controls, policy enforcement, and operational safeguards to protect your store and customers.

Tenant Isolation

Every store is scoped to its own tenant context. Data access is isolated by default to prevent cross-tenant leakage.

Secure Sessions

Authentication sessions use secure, httpOnly cookies with strict scoping to help protect against session theft.

Role-Based Access

Admin, staff, and super-admin roles are enforced across the platform with least‑privilege defaults.

Infrastructure Hardening

HTTPS enforced, domain verification, and layered protections to keep storefronts and APIs reliable.

Audit Logging

Privileged actions are logged to provide traceability and support compliance workflows.

Fraud Controls

Rule-based fraud checks (AVS/CVC/IP/thresholds) help reduce chargebacks and abusive orders.

Trust Commitments

Clear, transparent security practices

We don’t store card details

Payments are processed by connected payment providers. Card data is handled by the processor.

Transparent incident response

If an issue impacts data security, we notify affected merchants promptly and provide remediation guidance.

Continuous improvements

Security is treated as an ongoing program with testing, monitoring, and hardening over time.

Compliance & Standards

Security practices you can trust

These badges reflect platform safeguards and industry-aligned practices. Payment compliance is handled by Stripe, with Square available in select regions.

PCI‑DSS (via payment providers)HTTPS/TLS enforcedTenant data isolationAudit loggingWebhook signature checksFraud rules & review queue
Responsible Disclosure

Report a security issue

If you believe you’ve found a security vulnerability, please contact our team and include detailed steps to reproduce. We’ll investigate quickly and keep you updated.

Report a Security IssueView Security FAQs
FAQs

Security questions, answered

Do you store customer card details?

No. Payment data is handled by the merchant’s connected payment provider, not stored by ilanoShop.

How do you prevent cross-tenant data access?

Tenant isolation is enforced at the data layer and request context so each store can only access its own data.

Can I enable fraud protection filters?

Yes. Merchants can enable filters like AVS/CVC mismatch checks, IP mismatch detection, and order thresholds.

How are admin actions tracked?

Privileged actions are logged with timestamps, user identity, and context to provide a full audit trail.

How do I report a security issue?

Contact our support team and mark the request as a security report so we can prioritize investigation.

Have a security question?

We’re happy to walk you through our safeguards or help you report an issue.

Contact SupportBrowse Help Articles

We use cookies

Essential cookies keep the site running. Analytics help us improve. Marketing cookies support relevant offers. You can change preferences anytime.

View cookie policy
Security & Trust | ilanoShop | ilanoShop - Secure UK Online Store