PCI compliance
PCI compliance ensures that your customers can securely use credit cards to purchase from your store. All credit card associations require merchants to implement PCI Compliance to protect their customers online.
Magento includes payment gateways that securely transmit credit card data through direct API post methods or hosted payment forms provided by the payment gateway.
The following are the requirements to meet the Payment Card Industry Data Security Standard (PCI DSS):
- Install and maintain a firewall configuration to protect cardholder data.
- Do not use vendor-supplied defaults for system passwords and other security parameters.
- Protect stored cardholder data.
- Encrypt the transmission of cardholder data across open public networks.
- Use and regularly update your antivirus software.
- Develop and maintain secure systems and applications.
- Restrict access to cardholder data to business need-to-know.
- Assign a unique ID to each person with computer access.
- Restrict physical access...