PCI-compliance and SSL certification
Payment card industry compliance refers to the security standards a business must follow to protect the credit card data of its customers. These standards — established by card issuers like Visa and Mastercard — are governed by the Payment Card Industry Security Standards Council. To be PCI-compliant, a business must complete an annual self-assessment questionnaire and pass a quarterly PCI security scan.
SSL certification is another security measure that helps protect customer data. Businesses that conduct online sales must purchase an SSL certificate through Certification Authorities. It is a digital certificate that provides encryption and authentication for sensitive data.
To process online payments, merchants must run PCI-compliant processing software and obtain SSL certification.