Ensuring that your online payments are handled in a way that is PCI compliant should be a priority for every business. Legal and liability problems can arise when credit card data is not properly handled and the sensitive data is stolen. How do you know if your online payment forms and shopping carts are PCI Compliant? If the credit card information passes through your web server then chances are they are not PCI Compliant.
If your payment forms or shopping carts send the payer’s credit card information to your web server then there is a risk that the data can be recorded somewhere on your web server. Even if the data is not intentionally saved it can wind up in the server logs or session storage. If someone hacks into the web server or a disgruntled employee finds the data, your visitor’s credit card details can be compromised and you may be held liable for damages.
The good news is that many credit card processors now offer PCI Compliant payments solutions that post the credit card data directly from the payer’s web browser to the payment processor’s server so it never passes through your web server. Depending on how your online payments are setup, using one of these solutions may require custom programming and/or configuration changes.
Implementing PCI Compliant payment solutions is a specialty of mine.
Feel free to contact me at firstname.lastname@example.org so that we can discuss your situation. The initial consultation is free and if it turns out that your online payment forms and/or shopping carts are sending credit card data through your server, I will put together a proposal for a corrective solution. You will not be under any obligation to proceed so you can find out if you need changes and what those changes cost risk free.
Don’t wait until your customer’s data is compromised. Find out now if your online payment forms and shopping carts are PCI Compliant!