If you have, or are considering having, an online store or e-commerce site, it is critical that the payment process is secure.
We will look at how important it is to have a checkout process that looks secure in a different article, because people won’t just hand over their credit card information to anyone, no matter how good the product or price is. They have to feel comfortable. And that comfort comes from a few different things, like brand recognition, site design, ease of the process, and so forth.
But for this post we are going to focus on what you as the owner of an online store need to do to make sure your payment process is secure.
First, you need to know that there is a governing body in the industry that has set standards for this.
The Payment Card Industry (PCI) has created a Data Security Standard (DSS) known as the PCI-DSS. The following description was taken from the PCI website.
“The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.”
Follow this link to see the source page.
By looking at the standard documents and agreements that must be met in order to comply with the PCI-DSS, you get a better idea of the key points of security. Those documents are:
- Payment Application Data Security Standard (PA-DSS)
- PIN Transaction Security (PCI-PTS)
- Point-to-Point Encryption (PCI P2PE)
Basically, the five top credit card companies worldwide (AMEX, VISA, MASTERCARD, Discover, and JCB) formed this council to ensure that their customers’ data was secure and that fraudulent charges would be eliminated.
For your online store you need to make sure you comply with this standard. There are different shopping cart software providers that are validated as complying vendors, so make sure whoever you choose is one of those.
Also, before contacting anyone about building or modifying your online store, do your homework and get acquainted with the terminology of the PA-DSS. This will make you more comfortable with your decision, and it will let your developer know that you are serious and knowledgeable.
You can download a copy of the PA-DSS glossary here.
The bottom line is that the best way to make sure your online store has a secure payment process is to choose one of the shopping cart solutions that are already validated. As you begin to speak with website developers, be sure to ask whether the platform or shopping cart software that they use is validated according to the latest version of the PA-DSS.
It is also good to choose a software package from a vendor who continues to enhance their software with updates and improvements.