This question comes up often, and it is very important to be sure the eCommerce website you’re developing is PCI compliant. eCommerce website design is about more than just looks; it’s also about functionality and being sure that all information passed from one party to another is secure. When running an eCommerce store, the last thing you want to deal with is a security breach. A few issues must be considered during development, and we’ve run through them below.
Proper eCommerce Development – Designing and developing your eCommerce website appropriately is the first step. This takes knowledge of what needs to be implemented and how. It’s always a great benefit to work with an eCommerce development company (like ourselves) that specializes in eCommerce. The last thing you want is to have a web designer “learning” eCommerce development on your project.
SSL Encryption – An SSL (Secure Sockets Layer) certificate allows information to be transferred in encrypted form. This means that even if the information is intercepted, it will not be readable. This is important for any eCommerce website, and it is definitely needed to be sure you’re PCI compliant.
Storing Credit Card Information – When a customer checks out, their credit card information should be passed to your merchant account provider via your SSL. This means the encrypted card number will not go into your database, but to a 3rd party who processes the credit card. The credit card number should not be stored in your database. Storing it causes security issues: if anyone were ever to hack your website administration, they would then be able to steal credit card numbers.
Run a Test – Once your website is completed, it’s time to run a test. This will ensure that the website is PCI compliant and there are no problems. If any issues are found, they should be taken care of. Your credit card processing company, or merchant account services, should run a PCI compliance test on your site before approving your account.