There’s a set of requirements called the Payment Card Industry Data Security Standard (or “PCI DSS”) and it was developed by the PCISSC – (the Payment Card Industry Security Standards Council)

These requirements are designed to provide a standardized set of consistent security measures for merchants to follow that are handling credit card transactions.

The standard includes 12 requirements for maintaining a secure operation:

Build and Maintain a Secure Network  Read the full post.

• Requirement 1: Install and maintain a firewall configuration to protect cardholder data
• Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

We are happy users of the WP e-commerce shoppping cart not only for our own site but we use it often for clients as well.

Recently, one of our customers told us that they were being required by their credit card company to pass a certification test verifying that their website was PCI compliant and wanted us to attend to it.

The company doing the compliance check was called Trustkeeper, and I’m very proud to report that right out of the box, with no changes on our part related to their cart, WP e-commerce passed the PCI compliance test with flying colors.  Read the full post.