Accepting Credit Cards on Your Website

Most businesses accept some form of payment on their websites. Doing so requires that a number technical parts be put into place, such as SSL certificates, some form of a shopping cart, and, of course, a means to accept money through a special bank account that allows you to accept money via credit cards, known as a merchant account.

The simplest form of payment acceptance is PayPal. It offers the merchant a very low risk and is simple to use. This type of payment system does not require you to be payment card industry (PCI) compliant.

Some hosts offer PCI compliance assistance. is one host that will assist you in the process. When shopping for your host, ask what experiences the host has had with PCI. Find out how much assistance the host can provide you when your site fails to pass the technical and security tests. Note that this advice is for when, not if. This is because new vulnerabilities discovered regularly can and will impact your security. If you're impacted, then you will not pass PCI compliance testing. It's important to stay on top of vulnerabilities and correct them as soon as possible.

image is a good source to use to keep up with ever-changing vulnerabilities.

If the host does not offer much in the way of assistance, and you need to be PCI compliant, then find a new host.

It's important that you understand ...

Get CMS Security Handbook: The Comprehensive Guide for WordPress®, Joomla!®, Drupal™, and Plone® now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.