PCI Compliance Steps

All of our small business and nonprofit clients who take credit cards using RocketCart or other tools we have provided are tier 3 merchants and must comply with the minimum PCI Compliance measures.

These measures are a self-assessment, a PCI scan and a compliance report for your merchant services provider and/or bank. All of these can be accomplished using Comodo if you have a Readywebgo-supplied Comodo InstantSSL digital certificate.

We can also optionally provide the support you need at a low annual cost. Just let us know that you want us to set it up and run it for you!

Want to give the Free 90-day PCI Compliance Scan and Reports a try?

Existing InstantSSL and Comodo clients: email us. We'll provide you with your Comodo login information, and then you can proceed to the site to review your options.

If you are new to digital certificates and PCI Compliance, go to the next step.

New to SSL and site security? Learn more about PCI Compliance at Comodo before you start - click here.
NOTE: Updates and assistance with correcting vulnerabilities are billed at our preferred client contract rates.

The Full Report on PCI Compliance

To satisfy the requirements of PCI, a merchant must complete the following steps:

1. Identify your Validation Type as defined by PCI DSS

This is used to determine which Self Assessment Questionnaire is appropriate for your business.

2. Complete the Self-Assessment Questionnaire according to the instructions in the Self-Assessment Questionnaire Instructions and Guidelines.

3. Complete and obtain evidence of a passing vulnerability scan with a PCI SSC Approved Scanning Vendor (ASV). Note that scanning does not apply to all merchants. It is required for Validation Types 4 and 5, those merchants with external-facing IP addresses. Basically, if you electronically store cardholder information or if your processing systems have any internet connectivity, a quarterly scan by an approved scanning vendor is required.

4. Complete the relevant Attestation of Compliance in its entirety (located in the SAQ tool).

5. Submit the SAQ, evidence of a passing scan (if applicable), and the Attestation of Compliance, along with any other requested documentation, to your acquirer.

To review and/or download the Self Assessment Questionnaire, click here.

Q: I'm a small merchant with very few card transactions; do I need to be compliant with PCI DSS?

A: All merchants, small or large, need to be PCI compliant. The payment brands have collectively adopted PCI DSS as the requirement for organizations that process, store or transmit payment cardholder data.

NOTE: The information provided here is "as is" and we make no warranty as to the accuracy of the information. It is provided solely by the PCI Security Standards Council.


Tags: PCI  compliance  support  credit cards 


 

        © Initial Point Consulting 2002 - 2014  |  Site Design & Development by Readywebgo