Important Message for Ecommerce Webmasters

 

If you run an ecommerce website and store customers' credit cards and other transactional information on it, you must be aware of PCI compliance. PCI is essentially a globally accepted security standards council. This organisation was set up by the major card companies, including American Express, JCB International, MasterCard and Visa.

So if you accept card payments on your website, your website should be PCI compliant. There are three basic steps for adhering to PCI compliance.

  1. Assess – In this step you identify the cardholder data handled by your website. Take an inventory of your web application (most major ecommerce platforms provide this automatically) and check whether any vulnerabilities are present. This check is not a one-time task; it should be repeated from time to time, because the risk of system vulnerabilities may increase over time. As part of this, you should inform your customers about upcoming vulnerabilities.
  2. Remediate – Fix the vulnerabilities that you found in the step above, and don't store card information unless it is really necessary.
  3. Report – After a certain time you must summarize all your sales and prepare the reports, which should pass all your validation, and then submit the remediation validation records to the acquiring bank and the card brands with which you do business.

Apart from this, you should know the specific requirements of the card brands with which you do business. The following links may help you.

 

Benefits of PCI Compliance:

* It prevents security breaches and theft of payment card data.

* Compliance with PCI means your system is secure and trustworthy for your customers.

* Customers' trust in your site is the most crucial factor for the site's success.

* The PCI Security Council will help you understand risks and vulnerabilities.

* Apart from the above, there are multiple indirect benefits as well; for example, you are already better prepared for the next level of security threats and in your security strategy.

Non-compliance with PCI may affect your website in the following ways:

* It can cause a security compromise between the merchant, the customer and financial institutions.

* A data breach may lead to loss of sales and damage your relationship with customers and your market reputation.

* Legal issues may occur.


Chandra Shekhar

GCP Architect
Chandra Shekhar Pandey is a Google certified Cloud engineer. I am a Magento2 trained developer with huge experience in designing cloud solutions. I have around 12 years of experience with world enterprise IT companies and Fortune 500 clients. During my architecture design I always care about high availability, fast performance and resilient systems. Coming from a programmer background, I have huge experience in the LAMP stack as well. Throughout my career I have worked on Retail, E-Learning, Video...
