Many merchants struggle with credit card fraud and issues of keeping their credit card data secure. To minimize risk, major payment card companies created a set of requirements to maximize data security. These set of guidelines are called Payment Card Industry Data Security (PCI DSS) compliance rules.
Soon Practical eCommerce will team up with nCircle, a company that offers security risk and compliance management solutions, to publish a “PCI Compliance Report Card.” This report card, like other Practical eCommerce report cards, is intended to provide specific, practical, real-world assistance and advice to merchants struggling with PCI compliance and credit card data security.
nCircle will use its Certified PCI Scanning Service to provide a complimentary scan of a merchant’s site. nCircle will then assess the results of the scan and a merchant’s responses on a PCI self-assessment questionnaire and provide a scorecard and accompanying article to Practical eCommerce.
The report card will grade a site based on five key areas of PCI compliance. As with Practical eCommerce’s search engine optimization, pay-per-click and conversion report cards, a site’s overall score is the grade point average of these criteria.
For the PCI report card, these criteria are, “Understanding of Requirements,” “Vulnerability Profile,” “Application Profile,” “Only Necessary Services” and “Overall Compliance.”
Practical eCommerce and nCircle will not identify the company or URL of the site being graded but will identify the vendors the merchant uses, such as shopping cart, platform and payment gateway. The merchant will be able to review the report card before it is published on Practicalecommerce.com.
To request a PCI compliance site grade, or to request additional information about the grade, please contact us.