Aaron D. Campbell
WordCamp Phoenix, 2012
Total e-commerce sales according to the US Census Bureau
Customer leaves your site, completes payment on the PayPal site, and does not have to return.
Customer goes to PayPal, enters payment details, and returns to your site to finish order process.
Customer stays on your site through the whole process.
A payment gateway is a service that authorizes payments. It’s the equivalent of a physical point of sale terminal.
A merchant account is a type of bank account that allows businesses to accept payments by debit or credit cards. It requires an agreement between the merchant, bank, and payment processor.
Payment Card Industry Security Standards Council
Sets the standards you have to follow.
PCI Data Security Standard
The standard you are required to meet. 12 requirements for any business that stores, processes, or transmits cardholder payment data.
Install and maintain a firewall configuration to protect cardholder data
Do not use vendor-supplied defaults for system passwords and other security parameters
Protect stored cardholder data
Encrypt transmission of cardholder data across open, public networks
Use and regularly update anti-virus software or programs
Develop and maintain secure systems and applications
Restrict access to cardholder data by business need to know
Assign a unique ID to each person with computer access
Restrict physical access to cardholder data
Track and monitor all access to network resources and cardholder data
Regularly test security systems and processes
Maintain a policy that addresses information security for all personnel
Assess: identifying cardholder data, taking an inventory of your IT assets and business processes for payment card processing, and analyzing them for vulnerabilities that could expose cardholder data
Remediate: fixing vulnerabilities and not storing cardholder data unless you need it
Report: compiling and submitting required remediation validation records (if applicable), and submitting compliance reports
Free + Paid Upgrades/Addons ($10 – $195 each)
Free + Paid Upgrades/Addons ($8 – $80 each)
Free Lite Version
$89 – $299 (per year for continued support)
$55 – $299
Addon modules $25 each
Priority Support $49 – $199