Protecting your business often means mitigating risk. PCI Compliance is a set of requirements centered around limiting and managing risk. But how do you, the merchant, know if the company or software you’ve entrusted to handle your e-commerce business is PCI Compliant? Is compliance even a concern for your company?
Short answer: Yes!
The software, systems, and services you use to handle credit card data must be PCI compliant. Failure to use a compliant solution means your company assumes the risk of fees, fines, and even the loss of rights to process credit cards.
So how do you check for compliance? It’s quite simple, actually. If you use a service, like Cart32, to handle credit cards then the company hosting the service must be PCI-DSS compliant. Visa maintains a list of all compliant companies here.
If you’ve purchased software, or downloaded free or open-source software then you’ll need to verify the software is PA-DSS compliant as well as hosted in a PCI-DSS compliant environment. The PCI Security Standards Council maintains the list of PA-DSS compliant applications here.
Starting and running a business is hard work. The risk associated with accepting cardholder data through a non-PCI Compliant channel is extremely high. Cart32 undergoes rigorous audits each year to ensure your data, and businesses, are safe with us. If you have questions about PCI compliance or e-commerce in general, feel free to contact us.