Get PCI Compliant Now and Save
With credit card data theft from large companies and organizations
continuously hitting the headlines, card issuing companies are
beginning to demand more from e-commerce merchants, large and small,
to ensure that not only their websites are secure but their internal
network and servers as well.

PCI (Payment Card Industry) compliance has been optional for
many small merchants up to now. Avoid costly fines and
penalties that could put your company out of business.
Start today by downloading a FREE PCI Self Assessment
Quiz.
Non-compliance risks
Online store owners who are obligated to implement a PCI compliance
program but don't become compliant may find themselves without the
ability to process transactions, or may face fines from the card
company in a situation where security is breached.
In a nutshell, this means that if your online store processes payments
via credit card, you'll need to become PCI compliant - and it's not
something you'll be able to do totally on your own, as PCI compliance
requires scanning and verification by a 3rd party.
From Visa’s website:
If a Visa member fails to immediately notify Visa USA Fraud Control
of the suspected or confirmed loss or theft of any Visa transaction
information, the member will be subject to a penalty of $100,000 per
incident.
Members are subject to fines, up to $500,000 per incident, for any
merchant or service provider that is compromised and not compliant at
the time of the incident.
It all sounds a little scary if you haven't been through it before,
and while it is an inconvenience and can be costly depending on the
vendor you select, the process isn't as difficult as you might
expect. Much of the complexity will also depend on the third party
scanning vendor you engage. You should really shop around for deals
on PCI compliance because you'll find huge variations in price and
support.
What is PCI compliance?
PCI compliance is a set of security criteria that must be
implemented in order to protect sensitive information during any
credit card transaction. The compliance criteria include specific
auditing procedures, some of which are automated, the others
requiring merchant input. The Payment Card Industry Data Security
Standard is referenced by all credit card issuers.
PCI compliance for most merchants, that is those processing up to 6
million transactions a year, consists of the following elements:
- Quarterly scan by an authorized scanning vendor
- Yearly self assessment questionnaire
Quarterly PCI compliance scan
The scanning vendor you engage will run a battery of automated tests
against your web site and then provide a report. The scans are very
thorough and test for hundreds of different issues.
The report will contain a great deal of detail, highlighting
potential problem areas in relation to severity. Depending on the
issue uncovered, it may be just an advisory on how you can improve
your security; but there will also be flags that show items that
prevent your site from being PCI compliant.
A good vendor will then work with you, and with your web host if
necessary, to help you address those issues.
Get PCI compliant the easy way!
PCI compliance doesn't have to be stressful or confusing!
Engage the services of GET-PCI-COMPLIANT.COM, a certified
scanning vendor and industry leader. GET-PCI-COMPLIANT.COM will
step you through the PCI compliance process and
provide all the support you need - at the very best prices!
PCI compliance self assessment
In addition to the scan, you'll also need to complete a PCI compliance
self assessment form; a sample of which can be viewed here (PDF).
It's broken down into the following requirement sections:
- Build and maintain a secure network
- Protect and maintain client data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
Many merchants may find the form utterly confusing given some of the
terminology, but again, a good PCI compliance vendor will assist you
with completing this form.
The benefits of PCI compliance
While all this may seem to be a terrible inconvenience, there are
certainly some positive spinoffs from becoming PCI compliant,
including:
- Scanning vendors will provide you with a seal for display on your
  site which will help assure your customers that you are able to
  secure their details, which means less shopping cart abandonment. In
  fact, many merchants report substantial increases in sales when
  displaying recognized seals.
- You'll sleep better knowing that your platform is secure.
- You will be contributing to cracking down on the filth of the online
  world who seek to create havoc through the theft of credit card
  details.
- You will be contributing to improving the general perception of
  consumers regarding e-commerce, and that benefits everyone.
3rd Party PCI compliance Auditing
As with any service, you have a wide range of choices - and a wide
range of pricing. The important thing to remember is to go with a
firm that is experienced and will meet you face to face and perform
the audit on-site, so it's certainly in their best interests to get
it right.
Having said that, you don't want to engage the services of a firm
that has poor communications. Time is money and the less time you
need to spend on this exercise, the better. It's also important to
choose a firm that will go beyond just handing you a report and then
leaving you to figure it out on your own.
GET-PCI-COMPLIANT.COM (949) 631-7000
1239 Victoria St. Suite I Costa Mesa CA 92627