Does your web store take credit cards?
Then you need to read this.
These days, it’s easier than ever to open an online store. Modern eCommerce solutions bring together all the elements needed to run a business, from products and pricing to customer records and logistics.
It’s tempting to think that you can just buy a system, load up your data with Excel spreadsheets, tweak a few things, and start taking orders.
But there’s one factor you need to have airtight before your first customer adds their first item to their cart.
What happens to your clients’ credit card data when they place their order? Can anyone see it? Does it get stored in your system? Somewhere else? Not at all?
How can you be certain that your customers’ transactions are secure?
Fortunately, you don’t have to answer all of these questions yourself. Back in 2006, all the major credit card companies got together and established a set of requirements and guidelines to ensure the security of credit card holders online.
Known as the Payment Card Industry Data Security Standard (PCI-DSS), it regulates every aspect of cardholder security, from software design and network architecture to workplace policies for offices housing servers that handle transactions.
By adhering to the guidelines laid out in the PCI-DSS, you greatly reduce the risk of losing credit card data or, worse, having it stolen. Some of the guidelines are basic common sense and easy to implement, such as regularly scanning your system for weaknesses, properly training employees, and restricting access to secure areas.
Businesses that follow these requirements are said to be PCI-Compliant. Companies can prove PCI compliance fairly easily through a self-assessment process that usually takes a few weeks.
But what about your web store itself?
The only way to be certain that the eCommerce solution you purchased and the technology behind it conform to PCI-DSS requirements is to have it PCI-Certified. This involves having the whole system audited by a Qualified Security Assessor (QSA)… an exhaustive top-to-bottom inspection that costs thousands of dollars and can take up to six months.
But there is some good news.
While PCI compliance in your workplace and business practices remains your responsibility, reliable eCommerce companies have their solutions PCI-certified themselves, and keep their certification up-to-date with an annual audit. That means you can rest easy from the very beginning with a system proven to keep your customers’ data safe.
By choosing an eCommerce solution that is PCI-DSS Compliant, you will eliminate much of the cost and hassle involved in handling credit cards securely… which, any way you slice it, is a must for a modern online business.
k-eCommerce is an innovative B2B and B2C eCommerce platform that integrates to Microsoft Dynamics. It allows you to simplify and accelerate your organization’s ability to sell online by pulling pricing, inventory, product information and more from your ERP and displaying it on your online store.