Important Message for Ecommerce Webmasters
If you are running an ecommerce website and storing customers' credit cards and other transactional information on your website, then you must be aware of PCI Compliance. PCI is basically a security standards council accepted globally. This organisation was set up by the major card provider companies, which include American Express, JCB International, MasterCard and Visa.
So if you are accepting payment through cards on your website, then your website should be PCI compliant. There are three basic steps for adhering to PCI Compliance.
- Assess – In this step you need to identify cardholder data across your web mechanism. You should take an inventory of your web application (which most of the major ecommerce platforms provide automatically) and check whether any vulnerabilities are present. Checking for vulnerabilities is not a one-time process; it should be repeated from time to time, because the risk of system vulnerability may increase with time. In order to do this you should inform your customers regarding upcoming vulnerabilities.
- Remediate – Fix the vulnerabilities that you found in the above process, and don't store card information unless it is really necessary.
- Report – After a certain time you must conclude all your selling and prepare the reports, which should pass all your validation, and then submit the remediation validation records to the acquiring bank and the card brands with whom you are doing business.
Apart from this, you should know the specific requirements of the card brands with whom you are doing business. The following links may help you:
- Discover Financial Services: http://www.discovernetwork.com/fraudsecurity/disc.html
- JCB International: http://www.jcb-global.com/english/pci/index.html
- MasterCard Worldwide: http://www.mastercard.com/sdp
- Visa Inc: http://www.visa.com/cisp
- Visa Europe: http://www.visaeurope.com/ais
- American Express: www.americanexpress.com/datasecurity
Benefits of PCI Compliance:
- It prevents security breaches and theft of payment card data.
- Compliance with PCI means your system is secure and trustworthy for your customers.
- Customers' trust in your site is a crucial factor for the site's success.
- The PCI Security Council will help you to understand risk and vulnerability.
- Apart from the above, you can have multiple indirect benefits as well, such as being better prepared for the next level of security threat and in your security strategy.
Non PCI Compliance may affect your website in the following ways:
- It can be a security compromise between merchant, customer and financial institutions.
- A data breach may lead to loss of sales, of your relationship with customers and of your market reputation.
- Legal issues may occur.
Chandra Shekhar