Who really cares about PCI Compliance ?

You shouldn’t if you are only buying things online ( we think )

However, you really should if you are the seller and you are hosting your own credit card pages on an https or secure page. Why, well its pretty obvious that whoever authorized your online credit card system actually took a peek at your page initially to say that it measured up to certain standards.

These standards which covered the obvious points such as correct pricing, truth in advertising etc., were significantly upgraded in 2009 and are being tightened even further in 2010 to the point where even very large brand name retailers may decide to host with certified centers instead of jumping through the Visa/MasterCard/Amex hoops of 2010.

The tightening is going to be so tough in 2010, that it is being strongly suggested that those having websites that take credit cards ensure that the credit card page or the entire shopping cart is hosted with a service provider in a facility that is itself 2010 PCI compliant.

What does a PCI compliant facility look like ?

Well, it doesn’t look like my house or yours ( for a start ). The use of wireless even for secretaries and other administrative staff is either heavily restricted or totally banned. Surprise audits can occur at any particular point in time.
In the past credit card numbers were encrypted at the database level such that not even a database administrator with admin rights could actually decode them. Its quite possible that with the new tightening, no credit card storage will be allowed even in a 2010 PCI compliant system.

And the list goes on and on. A fully PCI compliant facility can spend $3-500,000 a year in just compliance issues particularly if new routing and updated hardware has to be taken into account.

Only Webmasters should need to worry about silly PCI Compliance

So, let’s take a moment and revisit something we said earlier “You shouldn’t if you are only buying things online ( we think )”

Who is getting the credit cards stolen more often?

Would you say that would be webmasters or online customers ?

Yes, that was a little obvious right? Its definitely online customers.

So, shouldn’t they be the ones most concerned about these compliance issues? Well, on a perfect planet yes, but the truth is – its expected that financial systems whether they are online or offline will have more than adequate security measures to protect the consumer. Furthermore, by concentrating efforts on the focal point where the accidents occur, the burden is shifted to those most technically capable of solving or preventing it – the savvy webmasters with their fancy online shopping carts.

If you are a home business without a super technical webmaster, your best bet for being on the correct side of PCI Compliance ( without which you will lose your merchant account ) is to put your shopping cart in a hosted solution such as yahoo stores, paypal,google checkout or 1shoppingcart.com

While the first three are fairly well known, the last one is actually the only one of the 4 to include a sales funnel which experienced marketers know can on its own, increase sales potentially by up to %400 percent.

Have a look around before making your decision. Online marketing is not the same and sometimes not even similar to offline marketing and having the edge in a sales funnel can be the difference between winning big and not even breaking even.

Warm Regards

Related posts:

1. Ecommerce and its relationship to How you make Money Online
2. A Review Of 1 Shopping Cart On-Line Automation Tools
3. An Online Shopping Cart: Why Every eCommerce Business Needs One
4. Shopping carts?
5. SEO For 2010: Search Engine Optimization Secrets