For developers, the words “PCI compliance” usually conjure up dread and memories of much hardship. Nevertheless, if you’re taking and storing credit card details online, then PCI compliance is something you must know about.
Despite being a complex and involved process, PCI compliance not only keeps your website compliant with the law, it can also help improve your conversions.
So what is PCI compliance and why should I care?
If you take orders online or offline, then you’ll need to comply with the PCI DSS standard. This standard ensures that you store and secure customers’ details in the proper manner. After all, those details are the most valuable things on a website, and protecting them from hackers should be a website’s number one concern.
If you aren’t compliant, then you could be fined (heavily), and any breach could seriously damage your website’s and brand’s reputation.
The type of website you run and how you take payment will determine what level of compliance you require.
Taking payments directly or using a third party
There are several ways you can take payments online. Typically, a visitor will go through a checkout process and be redirected on to a website such as SagePay and enter their card details there.
Payment providers such as SagePay have the highest level of compliance and store all the details, meaning that you can offload most of the compliance burden to them. This can save you a lot of hassle and allows you to focus on the other areas of your checkout process. It also helps to build trust with regular online shoppers, who know they are safely entering their details with a trusted payment provider.
Don’t risk not being compliant
Getting PCI compliant can be a nightmare if you’re new to the process, but you must make sure your website is up to scratch; otherwise you run the risk of being hacked, damaging your brand and suffering a heavy fine.
Luckily, all the information you need to get compliant can be found online, and getting through the process is much easier when you work with your web developer or web agency.