April 16, 2011
The PCI Standard is a set of rules set by the PCI Security Standards Council. The council was founded by major credit card companies, specifically American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa Inc.
ALL online merchants, no matter how small or large they are, must run their credit card transactions on a PCI DSS certified environment. (PCI DSS means Payment Card Industry Data Security Standard.)
What does this mean to you?
This means that your shopping cart should be PCI certified in order to encrypt data transfers from sensitive pages such as your Checkout page where customers enter vital information such as Name, Address, and Credit Card numbers.
These pages in your site must be HTTPS (secure) and your shopping cart must be PCI certified. Always ask before making a final decision about your Shopping Cart Platform to make sure you won’t be fined.
Who can impose fines on non-compliant online merchants?
Your bank can impose fines. They are the ones who provided you with a Merchant Account, and they can be liable for credit card fraud, so they want to protect themselves by making sure you provide a PCI compliant shopping experience to your customers. Most banks won’t open a Merchant Account for you if you can’t prove you are using a PCI certified platform.