Home Guides Glossary

Quick Shopping Cart PCI Compliance FAQ

Use the information below to learn more about PCI compliance.

What is PCI compliance?

PCI compliance is conformity to security standards set by the Payment Card Industry (PCI) Security Standards Council™ to protect cardholder data. The PCI council is responsible for managing the security standards, while compliance with it is enforced by major payment card brands (such as Visa®).

Who needs to be PCI compliant?

PCI standards apply to all organizations that store, process, or transmit cardholder data. If you're a merchant that accepts payment cards, you're required to be compliant with the PCI Data Security Standard (DSS). You can find out your exact compliance requirements from your payment card brand or acquirer.

How do I become PCI compliant?

Merchants need to validate their processes and controls for PCI compliance based on requirements from their payment card brand or acquirer.

For example, Visa defines levels of compliance validation based on the volume of transactions, potential risk, and exposure introduced into the payment system by merchants and service providers.

For Level 2 - Level 4 merchants, validation generally occurs through the completion of a PCI DSS Self-Assessment Questionnaire (SAQ) and quarterly Approved Scanning Vendor (ASV) scans. Level 1 merchants must have a Qualified Security Assessor (QSA) who completes an annual report on compliance. A list of approved QSA companies is available on the PCI Security Standards Council website. For more information on Visa's PCI compliance validation process, see Visa's Merchant website.

Is Quick Shopping Cart PCI compliant?

Yes. Quick Shopping Cart® is fully PCI compliant. An annual audit is performed by a Qualified Security Assessor (QSA) to confirm that all PCI requirements are met for the Quick Shopping Cart environment. Assessment activities focus on our public-facing Web servers, back-end processing systems, cardholder storage database, administrative bastion hosts, supporting infrastructure, and firewalls.

If you use Quick Shopping Cart, you still need to complete a PCI DSS Self-Assessment Questionnaire and report PCI compliance based on your merchant level if your payment card brand requests it.

Do I need to have my Quick Shopping Cart Website scanned because my merchant processor says I do?

No. Customers using Quick Shopping Cart do not need to contract third party Approved Scanning Vendor (ASV) scans against their Quick Shopping Cart website.

We complete the following activities to achieve compliance as a Level 1 PCI Service Provider:

  • The Quick Shopping Cart environment is scanned monthly by an ASV.
  • An annual audit is performed by a Qualified Security Assessor (QSA) to confirm that all PCI requirements are met for the Quick Shopping Cart environment, including performance of scans by an ASV.
  • The QSA submits the report on compliance for the Quick Shopping Cart service to Visa. Visa reviews the report and confirms our status as a PCI DSS validated service provider.

Is Shared, Dedicated, or Virtual Private Server PCI compliant?

No. Neither Shared, Dedicated, or Virtual Private Server is PCI compliant.

Domain Registration

Pay less for website domain names. Register your own .com, .net or .org for as low as $10.18 per year. We have everything you need to get online with your new domain.

Website Builder

Build an amazing website in just under an hour with Website Builder. Take advantage of designs created just for your industry and then customize them to reflect your one-of-a-kind idea.

Website Security

Protect your website and keep customers safe. Your comprehensive Website Security solution. Get peace of mind by securing your websites.

cPanel Hosting

Everything needed to give your website the high-performance home it deserves.  Protect transactions and secure your customer's data with a SSL Certificate
Copyright © 2005 - 2024.  All rights reserved.  Privacy Policy