Your PCI-compliant hosting package is fully managed to ensure it meets the latest PCI DSS standards, giving you peace of mind.
What is PCI COmpliance?
Protecting Payment
Card Information
The Payment Card Industry Data Security Standard (PCI DSS) is a set of rules designed to keep credit card information safe. If you are a “merchant”, or a business that processes, stores, or transmits credit card data, PCI compliance is essential to maintain.
Following these standards helps protect your customers and your business from data breaches and fraud. inConcert is happy to provide fully managed PCI Compliant hosting to help meet these needs.
Is PCI Required by Law?
PCI DSS compliance isn’t mandated by federal law in the U.S., but some states do reference PCI standards or have similar requirements. Even when not legally required, following PCI DSS helps protect your business and customers from fraud and data breaches.
What Is a Merchant?
A merchant is any business that accepts credit or debit cards (Visa, MasterCard, American Express, Discover, or JCB) to sell goods or services. Some merchants can also act as service providers if they store, process, or transmit cardholder data for other businesses. For example, an internet service provider that bills customers by card and also hosts other merchants’ websites.
What are Merchant Levels?
There are four merchant levels. Your merchant level is determined by the number of credit card transactions your business processes over the past 12 months. It determines the type and amount of auditing or validation required to stay PCI compliant. Higher-volume businesses have more rigorous requirements, while smaller businesses have simpler validation steps.
What is Cardholder Data?
Cardholder data is the information from a payment card that needs to be protected. This includes:
- Full card number (PAN)
- Cardholder name
- Expiration date
- Service code
- Magnetic stripe
- CVV/CVC
- PIN
Do Third-Parties Need PCI?
Yes. Using a third-party service doesn’t exempt your business from PCI DSS requirements. While working with a compliant provider may reduce your risk and simplify validation, your business is still responsible for meeting PCI standards.
Is an SSL Enough?
No. While an SSL certificate protects data transmitted between a customer’s browser and your website and verifies that your business is legitimate, it’s just one part of achieving full PCI compliance. For example, it does not secure your server against attacks or meet all PCI DSS requirements.
Our Clients Say It Best
Relationships That Last. Results That Matter.
"Beyond Five Stars"
I hired Julie & the team at InConcert a couple years ago when I rebranded my DJ and event production company. To say that my experience was more than 5 stars would be an understatement.
"Exceptional Support & Service"
The people at inConcert are great! They offer helpful suggestions, respond in a timely fashion, receive feedback really well and overall take really good care of my website.
"A Vision Brought to Life"
We wanted to acknowledge the great work done by your team. Everyone is a pleasure to collaborate with. Their efforts brought to life our vision.
"Seamless Website Launch"
inConcert played a key role in helping us launch our new website —and it was a huge success. They jumped into the project midstream and made the launch feel seamless.
"Highly Recommended"
inConcert has really done a wonderful job with our website! It’s been great working with them on this website —they are quick, reliable, and pleasant to work with.
"Website Leads That Deliver"
Thanks to the Request a Quote form on the website, we received a large order from a Texas-based company who works on government contracts. I'm very pleased!
"Responsive and Reliable"
I want to say that I really appreciate how responsive everyone has been at inConcert Web solutions over the past few years. All of you reply in a timely manner.