The Payment Card Industry Data Security Standard is the worldwide standard for businesses processing card payments.
What is PCI compliance and why would a website need this?
PCI compliance is a set of security and procedural standards created by the Payment Card Industry Security Standards Council to ensure security when processing credit card transactions or storing credit card information. In effect, these best practices standards are designed to reduce or eliminate fraudulent credit card transactions by requiring every entity that processes credit cards to follow the same set of rigorous checks and balances. PCI compliance applies to all businesses, organisations or merchants, regardless of size or number of credit card transactions that hold, process, or exchange any credit card holder information. Adherence to the PCI compliance standards must be assessed annually by an independent assessor known as a Qualified Security Assessor (QSA).
How does our website become PCI compliant?
Recognising the need to quickly create websites which are PCI compliant, 34SP.com created our Universal Hosting account plan. This hosting account is certified as PCI compliant right out of the box. Therefore, if you need to process credit cards you can simply purchase the Universal Hosting account and know that your website is PCI compliant.
What should I do if I think my credit card data or that of my customers has been hacked, stolen or compromised?
Please refer to this excellent and detailed PDF document produced by Visa entitled, What To Do If Compromised - Visa Inc. Fraud Control and Investigations Procedures.