PCI Compliance – Protecting Your Payments



Taking payments online requires a level of care and attention well beyond the ease and security of accepting crumpled bills of cash behind a store counter. Your business might take payments online through your website or an increasingly popular mobile site. You might also process checks left by clients at your place of business, or credit cards that are processed in your system from paper or online forms filled out by your customers.

While the security of cash or a one-time credit card payment is often guaranteed, it’s when payment and credit card data is exposed to online channels that safety becomes a concern, and that is where PCI Compliance comes in.

PCI Compliance

PCI, short for Payment Card Industry Compliance, is a Data Security Standard that applies internationally and has been assembled by the PCI Security Standards Council (PCI SSC). In an effort to prevent credit card fraud when processing payments, all companies that process, store or transmit credit card information are required to maintain a secure environment. This means controlling data and its exposure and making sure it doesn’t fall into the wrong hands. PCI compliance is required of anyone with a merchant ID and is enforced by the payment processors themselves – not the council.

Running a business that takes payments over the Internet means ensuring that you, as a merchant, comply with all the PCI Data Security Standard (DSS) requirements.

How PCI Compliance Applies to Your Business

Your credit card transaction volume puts you into a category: Merchant Category 1, 2, 3, or 4. PCI Compliance is required for Level 1, 2 and 3 merchants, and may be required for Level 4. In 2013, the standards were revised so that Level 4 merchants will also be required to subscribe to a secure payment-hosting platform.

Why Should I Do It?

Being secure isn’t just about the law: it’s about your customers.

A secure payment system provides better customer service when customers are processing payments and ensures they convert. Noticing that a site’s payment system is not properly secured, without appropriate security badges from Verisign and a PCI-compliant platform such as E-Complish, is often enough to drive customers away from your site.

This applies whether they are purchasing new products or signing up for online billing with recurring payments, which helps you manage your cash flow.

How To Be PCI Compliant

Keeping customer data secure isn’t as difficult as it looks. Any credit card data that comes in over your website, or that is processed in your online payment system, needs to be secured by using an online payment processor that fulfills all the data requirement standards of PCI compliance. E-Complish solutions, for example, ensure that all elements of payment processing are completely PCI compliant. Whether you’re taking payments from customers on your website, using HostPay by E-Complish, or on a mobile site using MobilePay, the platform will ensure that no credit card data is compromised. The same applies to any recurring or batch payment systems, such as DirectPay, RecurPay, and DebtResolve.

For more information about PCI compliance, take a look at our PCI Compliance SlideShare available in our resource center.