The PCI Security Standard Council (SSC) is making an aggressive push to update itself to comply with modern technology. As this blog mentioned earlier this week, new standards were set as to how to maintain PCI compliance while storing customer data in the cloud. Building off of these concepts, there are also new guidelines related to eCommerce.
One of the primary reasons the PCI SSC has released these guidelines is to help vendors - particularly those accepting B2B payments - determine which solutions work best for them. As we have stressed in the past, those accepting payments from other companies online must implement a B2B payment gateway designed to save money on business transaction processing costs. They must also ensure they are protecting customer information with the utmost level of security.
Jeremy King, the European director of the PCI SSC, told the online publication Internet Retailing that these guidelines are necessary as more companies are learning the advantages of buying and selling online.
“This is the first specific guidance that the council has published for eCommerce,” King said. “The aim is to try to give easy to follow practical guidance for everyone involved in eCommerce.”
There are many organizations that have not fully bought into online shopping, namely because of security concerns. Many business executives fear that their information will be vulnerable to cyber threats if it is transferred online. That's why vendors must ensure they are providing their customers with a secure checkout environment.
It's also important for merchants to store customer information in an area that will limit the risk of a targeted attack. Tokenization will store data in a secure, off-site environment, which means cyber criminals won't be able to specifically target a certain vendor in hopes of obtaining sensitive information.
As eCommerce continues to grow, it's vital for vendors to partner with a payment solutions provider to ensure they are up-to-date on all the latest PCI compliance standards.