What is PCI Compliance?
In the words of the PCI Security Standards website itself:
“The PCI Security Standards Council is a global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.”
The main concern around PCI Compliance is preventing fraud, both with customer passwords or details as well as credit cards. It is essentially a list of rules and standards which reflect how well your whole organization is protecting the sensitive data of any person you gather any kind of information on.
Specifically, when it comes to online credit card transactions, PCI Compliance is concerned with how the customers personal and credit card information is stored and protected. Protection of online customer information and data is something every organization should prioritize.
Protect stored cardholder data
With any website or web application we build, we ensure this data is never stored on the webserver. All transaction data is encrypted (with an SSL certificate) when sent over the payment gateway’s API. All traffic is routed over HTTPS only.
Restrict access to cardholder data by business need-to-know
Your website provides a WordPress login function and leverages WordPress’ user roles and capabilities so you can properly manage all user accounts on your site to effectively restrict access to customer information.