Posted by Brian on May 9, 2013 9:53:00 AM

By Brian Seidel, President/CEO of Website Pipeline, Inc.

Let me start with this general disclaimer: I am not qualified to give professional advice on PCI-compliance… this is just my personal interpretation based on Website Pipeline going through the process of becoming a PCI DSS compliant service provider.

Background

  • Any merchant transacting credit cards has to be PCI DSS compliant – this is not a law, it is part of your contract terms with the CC companies (MasterCard and Visa).
  • A company or software package cannot make you, as a merchant, PCI compliant
  • You have to do deliberate work to be PCI compliant (initially and on an ongoing basis)
  • The likelihood of a merchant that takes credit cards being "PCI compliant" without making a deliberate, focused effort is as likely as someone who travels on airplanes a lot…passing a pilot’s license exam
  • There is no such thing as software that will make you PCI compliant
  • There is only software that is written and managed in a way that allows the merchant to be PCI compliant (if they do OTHER work) while using it
  • By contrast… if software that processes or stores credit cards is NOT "PCI approved" or "PCI compliant", it prevents you - as a merchant - from being PCI compliant no matter what else you do.

Continue to full article http://www.websitepipeline.com/content/pci-compliance-saq-types.asp

Topics: Sage ERP

 

Subscribe to our blog!


Recent Posts



Our Social Media Sites


Search our blog