PCI Compliance is a requirement of most New Zealand banks for merchants wanting to process credit cards via an online store.
Getting PCI compliance for your server is relatively straightforward if you follow some basic best practices.
1# Use a Payment Gateway
By using a payment gateway, you remove the handling and processing of credit cards from your system. This makes gaining PCI compliance a great deal easier. If you need to store credit card details, you will need to undergo a much more rigorous PCI self-assessment.
2# Use a server that is PCI compliant
If you use shared web hosting, chances are it won't be PCI compliant, and gaining compliance will most likely be impossible. The process of buying a server and configuring it for compliance is difficult, so purchasing server hosting from a provider with PCI compliant servers is a good idea.
Web Drive provides PCI Compliant servers and handles regular server scans to ensure ongoing compliance.
3# Ensure ongoing compliance
Regular scans ensure your server remains compliant. If you do not regularly scan for compliance and fail, you run the risk of breaching your merchant agreement.
These steps apply to ecommerce web sites looking to achieve PCI compliance. Larger merchants, bricks and mortar merchants, or companies that directly handle and store credit cards will have a different process and requirements. In all cases you should follow the directions of your bank or merchant provider.
