Designing a new web site? Keep PCI DSS in mind

Oct/27/2010

If you have, or ever plan to have, your own web site with a shopping cart that accepts credit and/or debit cards, it is important to consider the PCI DSS (Payment Card Industry Data Security Standard) requirements. If you plan carefully, you can greatly reduce the PCI DSS requirements you have to meet.

The goal is to make PCI DSS validation as easy as possible. This means keeping all cardholder data off your web site. To do so, have your web design team look into APIs that allow another service to handle cardholder data for you. Examples of these services include:

Most of the APIs give your customers the feeling that they stayed on your site and never left. The final checkout phase, when your customer enters their cardholder data, will nevertheless take place outside of your web server. This can save you an enormous amount of money on your PCI DSS compliance.
