Even before the PCI security standard for applications (PABP) becomes mandatory the PCI organization has retired it. It has been replaced with a new PA-DSS standard. The PCI web site details the  changes from PABP to PA-DSS.

One of the big changes is the PA-DSS is NOT required to process credit cards unless your credit card gateway/provider requires it. This should be a huge relief to many merchants as it will allow them to negotiate with their payment provider for a reasonable timeline to get certified.

 

BV Commerce has once again won the AspNetPro Magazine Reader's Choice Award for Best eCommerce application. That makes 4 out of the last 5 years that it has captured the title. An incredible achievement given the pace of innovation in the industry.

DotNetBB our message forum software has also captured the runner-up position for best asp.net forum software. 

If you've ever needed to get a quick export of everyone who has purchased from your store in the last year this SQL script can be used to generate a comma separated text file. Make sure you change the "> date" part to be the correct starting point for your export. You'll get customers' names, address, phone and email as long as they placed an order on your store.

 

 Run this in SQL Management Studio and then copy and paste the results to a text file. You can open the text file in Excel as "comma separated" (CSV) to get sort the data or mail merge.

 

It's been almost exactly 6 years since the very first release of BV Commerce. It was the very first commercial ecommerce software for the .NET platform and we're still going strong. I started writing the first version back in September of 2001 and it was released in February as soon as the .Net Framework 1.0 was official released.

I'm often asked "What does 'BV' stand for?" The truth is it could stand for a lot of things but "Best Value" is the answer I usually give. I went through tons of names but it seems like every domain name in the world related to commerce was taken back in 2001. Would you believe that even "jerboa" was taken? So "BVSoftware.com" was available and "Best Value" sounded good enough. If I called it "comrc" or some other misspelling I'd probably have $5M in VC money right now :-)

The BV Software logo has changed a lot since the first days too:  

The very first BV logo. I thought purple was a good choice!


The image of a methane molecule that served as a template for the next BV Logo

 
The very first "molecule" version of the BV logo.

The third BV logo with a 3D glossy molecule and more red!



A green version that never made it but did introduce the ITC Kabel font.

 

Current BV Software Logo
 

New design idea for dropping molecule symbol

 

I sold exactly 16 copies of BV Commerce 1.0. It didn't support choices or options and was all table based design. BV Commerce 2.0 followed less than 6 months later with a host of improvements and things have been growing non-stop since.

P.S. If you see Randy from GlobalWeb.net on the forums he was the very first BV Commerce customer and is still an active host/developer in our community!

The major credit card companies are giving merchants until 2010 to ensure that all applications are PABP certified or PCI compliant. PABP certified is used for packaged software (like BV Commerce 5) and PCI is used for hosted services and hosting companies.

There are 4 levels of merchants and the deadlines are different for each one.
Level 4 Merchants - Process 0 to 20,000 transactions per year
Level 3 Merchants - Process 20,000 to 1 Million transactions per year
Level 2 and Level 1 Merchants - Process over 1 Million transaction per year

Terms used
Known Vulnerable Applications - Software known to Visa to store unsafe data. (BV Commerce is NOT a known vulnerable appliction)
Certified Applictions - Software that has passed a certification test
New Accounts - New credit card processing accounts for merchants that do not currently process cards

Schedule of Requirements

Phase 1 - January 1, 2008
New Account must not be using Known Vulnerable Applications. A new merchant can use BV Commerce as it is NOT a known vulnerable application. No effect on existing merchants.

Phase 2 - July 1, 2008
Payment processing companies must only certify new software that is also a Certified Application. Current software and customers are not affected. Current merchants are able to use BV Commerce just as they do now.

Phase 3 - October 1, 2008
New Accounts are required to EITHER use a PCI compliant hosting company OR use a PABP certified application. Existing merchants are not affected and can continue to use BV Commerce as normal. New Accounts must use a PCI compliant hosting company if BV Commerce is not certified by this date. We fully expect that BV Commerce will be certified long before this time.

Phase 4 - October 1, 2009
Known Vulnerable applications will be de-certified for credit card processing. BV Commerce is not a Known Vulnerable application and will also be certified by this date. No impact to any BV Commerce merchant.

Phase 5 - July 1, 2010
All merchants will be required to use Certified Application. BV Commerce will have been certified long before this time and there will be no risk/impact to merchants.

Summary - Impact to BV Commerce merchants
BV Commerce 5 is currently 90% compliant and we are working hard to implement the last few remaining features. The major hold back at this point is the requirement that we allow merchants to change encryption keys on the fly on a running store. This will require a service pack to BV Commerce 5 and we will complete certification before the end of this year.

There will be no impact/risk at all to BV Commerce 5 merchants. Existing merchants will have until 2010 to move to a certified solution but BV Commerce 5 will have been certified long before that deadline. 

BV Commerce 2004 merchants will need to upgrade to BV Commerce 5 (or a later version) before July 1, 2010 in order to process credit cards with a certified application.

Visual Studio 2008 is almost released into the wild. Microsoft has promised that it will be available by the end of this month. One of the great new features of VS2008 is the ability to compile projects that target .Net 2.0, 3.0 and 3.5. This is the first time since Visual Studio moved over to .Net that the toolset supports multiple frameworks.

There is a catch. Even though you can compile a 2.0 project with VS2008 you'll have to upgrade the project/solution files to the VS2008 format. That means if one person on your dev team moves to VS2008, the entire dev team for that project must be on VS2008. 

 When should BV move to VS2008? We'll have some people on the first day it's available asking why we're not shipping a VS2008 project. We'll have other people two years down the road complaining if we no longer support VS2005. Thoughts?

 

 

We're getting ready to publish service pack 3 for BV Commerce 5 later today. This release is mostly bug fixes but it does bring back the Choice Grid feature of BVC 2004. This option lets you display all possible choice combinations at once on a product page. For example, if you have a T-Shirt that comes in S,M,L and Red,White you'll see all six combinations displayed with a quantity box next to each one.

We anticipate the final release of SP3 will be next week.