The latest on PCI Compliance … make it easier on yourself

Posted on the 24th June 2015

Do you know what level SAQ you need to pass to be PCI Compliant with the payment methods you currently accept on your eCommerce site? No? Don’t worry, you’re not alone.

Most payment gateways and merchant accounts can’t give you any specific advice, either. It’s a cloudy subject and no one wants to accept the liability for the wrong answer.

Whether you accept payments directly on your website or redirect the customer to a third party page, most merchants will still require you to fill in some sort of questionnaire or scan your server on a regular basis. Not only that, you have to pay for these scans and maybe have to pay someone to keep upgrading and patching the server to stay compliant. If you don’t pass, you have the possibility of your payment method being suspended, so no one can buy from you.

Unfortunately, if you do accept credit card details directly on your own website (which is the preferred method for most online retailers), then you will need to pass quite a complicated PCI compliance policy which will require a complex, well maintained server infrastructure, and a lot of policies and documentation. It seems merchant accounts and gateways are tightening up on the compliance checks, too. But surely these measures are a little over-the-top for a small business, right?

It’s time to remove the stress of PCI Compliance from your life altogether and use Stripe. With no monthly fees and just a simple low 2.4% and 20p per transaction, Stripe acts as both your PCI compliant gateway and your merchant account, so it’s really just sign-up and go!

Most importantly, Stripe offers a way to accept card details directly on your site and be fully PCI compliant using just a valid SSL Certificate. Not only does Stripe eliminate the need to read, process or store sensitive credit card information, it can also store card details securely on your behalf so that customers can checkout quicker and easier next time.

Stripe does not require you to scan your server or fill in long-winded questionnaires that people don’t really know how to answer. As long as you have a secure website and integrate with Stripe using the Stripe API using tokenisation then you will be compliant.

Still sound complicated? Ok, Stripe was built for developers. It does need a little bit of code savvy. There’s tons of samples and tutorials around, and some don’t mind braving it on their own. For everyone else, there’s people like us.

We had such a high demand from people both developers and business owners that we decided to create an installable extension for the Magento eCommerce framework.

If you’re running a Magento Commerce store you can get PCI compliant today with the best Stripe for Magento Plugin.

If you’re running an online business, or are looking to set up something new, talk to us about how Stripe can work for you, just give us a call on 03333 444 505 or contact us via the website.