PCI compliance is a set of security and procedural standards created by the Payment Card Industry Security Standards Council to ensure security when processing credit card transactions or storing credit card information. In effect, these best-practice standards are designed to reduce or eliminate fraudulent credit card transactions by requiring every entity that processes credit cards to follow the same set of rigorous checks and balances. PCI compliance applies to all businesses, organisations or merchants that hold, process, or exchange any credit card holder information, regardless of size or number of credit card transactions. Adherence to the PCI compliance standards must be assessed annually by an independent assessor known as a Qualified Security Assessor (QSA).
Recognising the need to quickly create websites which are PCI compliant, 34SP.com created our new Business Hosting account plan. This hosting account is certified as PCI compliant right out of the box. Therefore, if you need to process credit cards you can simply purchase the Business Hosting account and know that your website is PCI compliant (Business Hosting comes with no installed shopping carts as standard).
Please refer to this excellent and detailed PDF document produced by Visa, entitled "What To Do If Compromised - Visa Inc. Fraud Control and Investigations Procedures".
Listed below are a few of the top resource websites related to PCI compliance. You can also view this link from Google on PCI compliance to conduct further research.
Click here for the website of the PCI Security Standards Council. From the company's website, "This organization was founded on September 7, 2006 and is responsible for the development, management, education, and awareness of the PCI Security Standards, including the Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) requirements. The Council's five founding global payment brands -- American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa Inc. -- have agreed to incorporate the PCI DSS as the technical requirements of each of their data security compliance programs. Each founding member also recognizes the QSAs, PA-QSAs and ASVs certified by the PCI Security Standards Council. All five payment brands share equally in the Council's governance, have equal input into the PCI Security Standards Council and share responsibility for carrying out the work of the organization. Other industry stakeholders are encouraged to join the Council as Participating Organizations and review proposed additions or modifications to the standards."
Wikipedia entry on PCI compliance - Details the history and requirements for PCI compliance.
View this link for another detailed guide to PCI compliance standards including articles on issues related to PCI compliance.
Click here for the latest news on PCI compliance provided by Google.