Are our sites PCI compliant?

Jun 15, 2011 | At Checkerboard, Integrated Marketing, Web Development

Our sites are designed to make it as easy as possible to meet the requirements for PCI DSS certification. They never store credit card numbers of any kind. If credit card information is collected on your website, it is immediately sent to your payment gateway. Your WordPress site stores only the information you need to fulfill your orders, such as the names and quantities of the products purchased and where to ship the orders.

The PCI Data Security Standard (PCI DSS) has 12 requirements, listed below, that you must meet to be compliant. It's up to you as a merchant to observe all of them. We can assist you with the technical details. Please consult with a Qualified Security Assessor (QSA) if you have additional questions about how the PCI requirements apply to your environment.

Build and Maintain a Secure Network

1. Install and maintain a firewall configuration to protect cardholder data.
Firewall configuration is part of your web hosting environment and can be accommodated. Our systems do not store credit card numbers, expiration dates, or CVV2 codes.

2. Do not use vendor-supplied defaults for system passwords and other security parameters.
Be sure to change your MySQL and WordPress passwords to something other than the default passwords that are used when you first install your software. It is also a good idea to change the admin username in WordPress to something other than admin.

Protect Cardholder Data

3. Protect stored cardholder data
Our solutions do not store credit card numbers, expiration dates, or CVV2 security codes.

4. Encrypt transmission of cardholder data across open, public networks
If you ask your customers to enter their credit card information on your website, you must install an SSL certificate and make sure that it is always active when transmitting the credit card information from your website to your payment gateway.

Maintain a Vulnerability Management Program

5. Use and regularly update anti-virus software
This is outside of our scope and is the responsibility of the merchant site owner.

6. Develop and maintain secure systems and applications
This is outside of our scope and is the responsibility of the merchant site owner.

Implement Strong Access Control Measures

7. Restrict access to cardholder data by business need-to-know
Our solutions do not store any credit card numbers, expiration dates, or CVV2 codes. The order information is protected by the WordPress account system. It is the responsibility of the merchant to protect the account information for both the WordPress website and any payment gateway accounts.

8. Assign a unique ID to each person with computer access
This is outside of our scope and is the responsibility of the merchant site owner.

9. Restrict physical access to cardholder data
It is the responsibility of the merchant site owner to ensure that the hosting facility has policies in place to restrict physical access to their servers.

Regularly Monitor and Test Networks

10. Track and monitor all access to network resources and cardholder data
This is outside of our scope and is the responsibility of the merchant site owner.

11. Regularly test security systems and processes
This is outside of our scope and is the responsibility of the merchant site owner.

Maintain an Information Security Policy

12. Maintain a policy that addresses information security
This is outside of our scope and is the responsibility of the merchant site owner.

Our base e-commerce starter pack is designed to rapidly deploy toolsets for our customers to sell online. Details are hammered out during the planning phase to develop just the right starting point for your new site.
