PCI Compliance Guidelines

Your store is hosted in a secure data center that meets the network testing requirements for Level 4 Merchants, as defined by the Payment Card Industry (PCI) standards for businesses that accept payment by credit card over the Internet. To learn more, see our Attestation of Compliance for service providers.

Beyond the secure hosting environment, merchants must meet additional requirements to ensure the privacy of cardholder data. Every merchant who handles customer credit card information is required by the Payment Card Industry (PCI) to conduct business within the following guidelines:

PCI Requirement Checklist
1. Install and maintain a firewall configuration to protect cardholder data.
2. Do not use vendor-supplied defaults for system passwords and other security parameters.
3. Protect stored cardholder data.
4. Encrypt transmission of cardholder data across open, public networks.
5. Use and regularly update anti-virus software.
6. Develop and maintain secure systems and applications.
7. Restrict access to cardholder data by business need to know.
8. Assign a unique ID to each person with computer access.
9. Restrict physical access to cardholder data.
10. Track and monitor all access to network resources and cardholder data.
11. Regularly test security systems and processes.
12. Maintain a policy that addresses information security.

By putting these guidelines into practice, you have the satisfaction of knowing that you are doing all within your power to provide your customers with a safe and secure shopping experience. As your business grows, you may be required to file a compliance report on an annual basis. PCI reporting requirements increase in proportion to merchant level, but are waived for businesses that process fewer than 20,000 credit card transactions per year. To learn more, visit the PCI Security Standards Council website.

See also:

Industry Compliance

Cookie Law

Privacy Policy
