The Quick and Easy Guide to PCI Scanning for Ecommerce

PCI Scanning – when your ecommerce biz was just a dream in your mind (and maybe it still is), PCI Compliance was most likely not what got you pumped about going into business. But it’s one of those necessary evils of ecommerce business life (read below for why), so if you want to stay in business, keep reading our quick and painless guide for the lowdown on PCI Scanning and Compliance.

What is PCI Scanning?

PCI Scanning stands for “Payment Card Industry” scanning. It involves having a PCI ASV (Approved Scanning Vendor) scan any and all IP addresses that the public has access to, related to your website or your site’s transaction process.

Does My Ecommerce Site Need PCI Scanning?

If you take credit cards PCI Compliance is required. PCI Scanning is necessary and most banks are coming down hard on merchants who have not had PCI scanning done and have suffered a security breach. When your merchant account provider or bank asks you to conduct a PCI Scan, they are asking you to ensure that all IP addresses that feed into or out from your site are clean and virus-free. But PCI Scanning, like all things security-based, is much more than a necessary evil for your site. It’s more than just checking “get a tax ID number” or “set up 1-800 number” off your list of things you HAVE to do when you setup your website.

Why Do I need PCI Scanning?

More than 80% of websites are vulnerable to hackers and/or other attacks. PCI Scanning detects vulnerabilities on your website(s) and servers. Our reports clearly identify these vulnerabilities, providing the owner with a clear path to help secure their website. Preventing an attack from happening depends on user efforts in resolving the vulnerabilities discovered. Once you are made aware of your vulnerabilities, you can fix them. Finding and fixing vulnerabilities help to prevent hackers and viruses from exploiting your information.

What Do I Need to Do To Be PCI Compliant?

The Payment Card Industry now requires all businesses that process credit cards to perform at least a quarterly vulnerability scan and to fill out a Self Assessment Questionnaire. You may need to check with your acquirer/merchant provider to find out what scanning interval is correct for you. A benefit of complying with the latest PCI requirements is that vulnerability scanning can also give you peace of mind in knowing that your website is safe from outside attacks.

How Do I Get My Ecommerce Site PCI Scanned?

Trust Guard has been providing PCI Scanning services for tens of thousands of ecommerce business owners. Trust Guard combines world class PCI Scanning with their leading third-party website verification services. Together, these two features provide the ultimate security, privacy and business verification seals online. Trust Guard is also the only company to offer a Security Scanned Trust Seal, which lets your visitors know your site is safe to shop on. Learn more at trust-guard.com.

Karen Schmidt

Journalist turned blogger about all things ecommerce, shopping, retail and cyber security.

You may also like...