THE HOST GROUP is one of the few hosting companies that provides PCI Compliant Hosting! For as low as $9.95/month we guarantee you’ll pass a PCI Security Scan by Security Metrics or we’ll refund you twice your web hosting fees. PCI Compliance is just a click away! Please Contact Us.
What is PCI Compliance?
The Payment Card Industry (PCI) Data Security Standards (DSS) are now required for all merchants, including:
- Retail (brick-and-mortar)
- Mail/telephone order
- e-Commerce
All major credit card associations such as Visa, MasterCard, American Express, Discover, Diners Club and JCB all endorse, and require the unified PCI Data Security Standards.
Does this apply to me?
Both Visa and MasterCard impose fines for non-compliance. For fine information see the Visa or MasterCard compliance regulations.
Safe Harbor
Visa defines safe harbor as the following:
“Safe harbor provides members protection from Visa fines and compliance exposure in the event its merchant or service provider experiences a data compromise. To attain safe harbor status:
1. A member, merchant, or service provider must maintain full compliance at all times, including at the time of breach as demonstrated during a forensic investigation.
2. A member must demonstrate that prior to the compromise their merchant had already met the compliance validation requirements, demonstrating full compliance.”
PCI DSS Basic Requirements
Testing is required for all external IP addresses (Internet connection points such as your company website, mail server, firewall, dial-up modem, wireless AP, etc.).
A good rule of thumb is that if you accept credit card payments and you can surf the web or have email at your business then you need to be tested.