Accepting Credit Cards on Your Website
Most businesses accept some form of payment on their websites. Doing so requires that a number technical parts be put into place, such as SSL certificates, some form of a shopping cart, and, of course, a means to accept money through a special bank account that allows you to accept money via credit cards, known as a merchant account.
The simplest form of payment acceptance is PayPal. It offers the merchant a very low risk and is simple to use. This type of payment system does not require you to be payment card industry (PCI) compliant.
Some hosts offer PCI compliance assistance. Rochen.com is one host that will assist you in the process. When shopping for your host, ask what experiences the host has had with PCI. Find out how much assistance the host can provide you when your site fails to pass the technical and security tests. Note that this advice is for when, not if. This is because new vulnerabilities discovered regularly can and will impact your security. If you're impacted, then you will not pass PCI compliance testing. It's important to stay on top of vulnerabilities and correct them as soon as possible.
SalvusAlerting.com is a good source to use to keep up with ever-changing vulnerabilities.
If the host does not offer much in the way of assistance, and you need to be PCI compliant, then find a new host.
It's important that you understand ...
Get CMS Security Handbook: The Comprehensive Guide for WordPress®, Joomla!®, Drupal™, and Plone® now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
