If you run an e-commerce website, your merchant account provider is going to make sure that you are PCI compliant. Part of the compliance is with your website. It's important to know that how your website is set up is only a part of the total PCI Compliance standard - not the whole thing. There are other parts that include the computer(s) you use to access the website to check for payments.
Webstix has helped a number of clients become PCI Compliant with their website. If we get the reports, then we can make whatever adjustments are needed on the website and/or server to help your website become PCI Compliant. Since we've done this for a number of sites, our servers are in good shape in regards to being PCI Compliant.
It is best to get a third party service to verify your PCI Compliance. We are not certified to do it and to protect yourself, you should have a third party involved. There are several available. One that several clients seem to be using is Security Metrics. There are others available and you should decided for yourself which one to use.
Here are some more resources on what PCI Compliance is and what you need to know:
- PCI FAQs and Myths (www.pcicomplianceguide.org)
- Wikipedia: Payment Card Industry Data Security Standard
- The ABCs of PCI Compliance (www.websitemagazine.com)
- PCI Compliance for Every Online Merchant (www.websitemagazine.com)
- What Is PCI Compliance And Should Merchants Be Concerned About It? (www.practicalecommerce.com)
- PCI compliance: What it is and why it matters (Q&A) (news.cnet.com)