Hello,
what does PCI DSS compliance really mean? Does my new website have to comply? How do I know if it is compliant?
Thanks for your comments!
Trixie

Hi Trixie,

Have you looked on the PCI council website?

https://www.pcisecuritystandards.org/index.shtml

Regards,

Simon

Hello,
what does PCI DSS compliance really mean? Does my new website have to comply? How do I know if it is compliant?
Thanks for your comments!
Trixie

Basically it means that your company can be trusted to look after credit card details - so your website must be secure, your staff must only be able to access card details if necessary, etc etc

Does your site have to comply depends on whether you store credit cards on it - NOT whether people can pay by credit card if you use a third party solution (i.e. when someone it typing in their card details does the browser show your domain or the domain of your payment processor)

Any one who takes payments online needs to be pci dss complient so if you have a ecommerce store yes you need to be complient.

Saying that though you can take on another companies compliance if you use there gateway such as sagepay and this is the easiest thing to do.

Any one who takes payments online needs to be pci dss complient so if you have a ecommerce store yes you need to be complient.

Saying that though you can take on another companies compliance if you use there gateway such as sagepay and this is the easiest thing to do.


Oh good, I am using Sagepay. Thank you so much!

Hi Trixie,

Although you may be using a gateway you will still need to check with your bank regarding compliance. Make sure they know you are using an accredited gateway for online processing and also make sure you comply for offline processing (MOTO/PDQ terminal) as they may still want you to go through level 4 accreditation if you process card payments by any other means.

Kind regards,

Simon