Are you PCI Compliant?
Posted by websiteverification on January 24, 2009
What does it mean to be PCI compliant? Many people find the subject confusing and overwhelming. Nevertheless, PCI compliance is super important. It used to be optional for smaller businesses, but with hackers becoming more clever and bold, it is required for all merchants who process credit card transactions no matter how few, to become PCI compliant.
Not only is it important for businesses to be PCI compliant, but it is important that they become PCI compliant as quickly as possible, in order to respond to the increasing concern of credit cardholders about their security. Here a few steps to follow in order to get you started with PCI compliance.
First, determine your merchant level. All merchants fall into one of four levels as defined by the number of transactions the business processes over a year. For example, a level 4 merchant is classified as a business that processes fewer than 20,000 transactions per year, and is the most common small business merchant level. Once you know your merchant level, you will know more about exactly what is required of you.
Next, you should complete the PCI DSS Self Assessment Questionnaire (SAQ). The SAQ is a tool used to assist merchants and service providers in evaluating their compliance.
Finally, you should appoint a qualified vendor to perform the required network scans of your system in order to check for vulnerabilities. This is known as PCI scanning, and Trust Guard now offers this. I have found that they are really affordable compared to other companies, and not only that, they also offer third party verification and trust seals.
These are just a few of the steps you can take to get started with your PCI compliance. You will want to check with your acquirer or bank in order to find out more specific things you should do to become PCI compliant. It is super important, and will probably even attract more customers to your website as they will know that their information is safe. You can’t lose!