{"id":2263,"date":"2013-02-07T00:00:00","date_gmt":"2013-02-07T00:00:00","guid":{"rendered":"http:\/\/otava.test\/pci-compliance-supplement-gives-tips-for-merchants\/"},"modified":"2013-02-07T00:00:00","modified_gmt":"2013-02-07T00:00:00","slug":"pci-compliance-supplement-gives-tips-for-merchants","status":"publish","type":"post","link":"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/","title":{"rendered":"PCI Compliance Supplement Gives Tips For Merchants"},"content":{"rendered":"

Last month the Payment Card Industry Security Standards Council (PCI SSC) released their Information Supplement: PCI DSS E-Commerce Guidelines<\/a>. These guidelines were focused on e-commerce merchants, and how to keep compliant whether outsourcing payment processing, keeping it in-house, or creating a hybrid solution.<\/p>\n

Within the supplement there were great guidelines for interaction between merchants and third party service providers. This included how best to address risks associated with outsourcing throughout the whole process, from deciding what provider to use, to engaging with them, and finally through the continual management. Here are a few of the tips highlighted within the guidelines.<\/p>\n

Potential Service Providers<\/strong> <\/em>
\nMuch of the detail under this section was about getting educated before choosing the provider to work with. Receiving quotes<\/a> from many providers not only allows a merchant to find the most cost-effective company, but you can also get more comfortable with what most services<\/a> are offering, as well as some of the add-ons that may not be mandatory, but are appealing for security or convenience. Also, researching each provider is important. Getting ratings, reviews, thought leadership, and information about the types of clients they support can all help form a solid basis for determining which service provider is going to be the best fit.<\/p>\n

Contracting a Service Provider<\/strong> <\/em>
\nOnce a service provider has been decided on and the contract is being made, it\u2019s important to have within the agreement a specific explanation of the responsibilities of the service provider and the merchant in regards to PCI compliance<\/a>. This clearly draws the line for both entities so there is no confusion as to who is taking care of what. It\u2019s important to reiterate that the merchant is ultimately responsible for the security of all cardholder data, including the data handled by the service provider, but knowing what aspects are being handled by the provider (as well as what they do in order to meet those specific standards) allows a company to reallocate its resources without fear of missing a critical requirement.<\/p>\n

Service Provider Management<\/strong><\/em>
\nThis section focused on the continual duties the merchant will want to perform in order to keep abreast of their service providers strides to keep compliant. This involves reviewing the third party\u2019s signed Attestation Of Compliance (AOC) to ensure that their compliance is current. Just like merchants, service providers will need to renew their validation every year in order to stay current. Also, the PCI SSC suggests acquiring specific information in regards to breach processes and hardware configurations:<\/p>\n

\u2018If outsourcing web-hosting services, ask the provider for standard hardware and software configurations, a defined schedule for updating hardware and software patches and versions, a 7x24x365 active monitoring service, and support for investigations in the event of a security breach.\u2019<\/p>\n

Other Resources:
\nInformation Supplement: PCI DSS E-Commerce Guidelines<\/a>
\nWhat Is PCI Compliance?<\/a>
\nPCI Compliant Hosting FAQ<\/a><\/p>\n

More Reading:
\nPCI Compliant Requirements & PCI Compliant Services Matrix<\/a>
\nThe PCI DSS (Payment Card Industry Data Security Standards) require the use of certain technical security services. Below is a matrix of the requirements paired with actual PCI compliant services that fulfill them. Click on each PCI compliant service to read more about them.<\/p>\n

Understanding Big PCI Compliance Pitfalls<\/a>
\nPCI DSS (Payment Card Industry Data Security Standards) compliance is important to any company processing, storing, or transmitting cardholder data. However, its 12 security requirements are complex (each requirement is broken down into many different sub-categories so that at the end of the day there\u2019s over 200 points to consider) and technical, causing many companies to stumble when working towards compliance.<\/p>\n

\n

\"PCI<\/a>Looking for more information on PCI hosting requirements, recommendations, and the foundation of a secure PCI compliant data center<\/a>?<\/p>\n

Download our PCI Compliant Hosting white paper<\/a> now for a complete guide to PCI hosting with IT vendors.<\/p>\n

Still have questions? <\/strong>Contact us<\/a> or chat<\/a> with us now. Find out more about our fully compliant, PCI hosting<\/a> solutions, or submit a quote request<\/a> for your project today.<\/p>\n

\n","protected":false},"excerpt":{"rendered":"

Last month the Payment Card Industry Security Standards Council (PCI SSC) released their Information Supplement: PCI DSS E-Commerce Guidelines. These guidelines were focused on e-commerce merchants, and how to keep compliant whether outsourcing payment processing, keeping it in-house, or creating a hybrid solution. Within the supplement there were great guidelines for interaction between merchants and third party service providers. This included how best to address risks associated with outsourcing throughout the whole process, from deciding what provider to use, to engaging with them, and finally through the continual management. Here are a few of the tips highlighted within the guidelines. Potential Service Providers Much of the detail under this section was about getting educated before choosing the provider to work with. Receiving quotes from many providers not only allows a merchant to find the most cost-effective company, but you can also get more comfortable with what most services are offering, as well as some of the add-ons that may not be mandatory, but are appealing for security or convenience. Also, researching each provider is important. Getting ratings, reviews, thought leadership, and information about the types of clients they support can all help form a solid basis for determining which service…<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[],"other_category":[],"class_list":["post-2263","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"acf":[],"yoast_head":"\nPCI Compliance Supplement Gives Tips For Merchants | OTAVA<\/title>\n<meta name=\"description\" content=\"Last month the PCI SSC released their Information Supplement: PCI DSS E-Commerce Guidelines focused on e-commerce merchants, and how to keep compliant.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"PCI Compliance Supplement Gives Tips For Merchants\" \/>\n<meta property=\"og:description\" content=\"Last month the PCI SSC released their Information Supplement: PCI DSS E-Commerce Guidelines focused on e-commerce merchants, and how to keep compliant.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/\" \/>\n<meta property=\"og:site_name\" content=\"OTAVA\" \/>\n<meta property=\"article:published_time\" content=\"2013-02-07T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/pci-white-paper-sm.gif\" \/>\n<meta name=\"author\" content=\"Irma Brillantes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Irma Brillantes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/\"},\"author\":{\"name\":\"Irma Brillantes\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\"},\"headline\":\"PCI Compliance Supplement Gives Tips For Merchants\",\"datePublished\":\"2013-02-07T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/\"},\"wordCount\":667,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/pci-white-paper-sm.gif\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/\",\"url\":\"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/\",\"name\":\"PCI Compliance Supplement Gives Tips For Merchants | OTAVA\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/pci-white-paper-sm.gif\",\"datePublished\":\"2013-02-07T00:00:00+00:00\",\"description\":\"Last month the PCI SSC released their Information Supplement: PCI DSS E-Commerce Guidelines focused on e-commerce merchants, and how to keep compliant.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/#primaryimage\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/pci-white-paper-sm.gif\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/pci-white-paper-sm.gif\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.otava.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"PCI Compliance Supplement Gives Tips For Merchants\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.otava.com\/#website\",\"url\":\"https:\/\/www.otava.com\/\",\"name\":\"OTAVA\u00ae\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.otava.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.otava.com\/#organization\",\"name\":\"OTAVA\u00ae\",\"url\":\"https:\/\/www.otava.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"caption\":\"OTAVA\u00ae\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\",\"name\":\"Irma Brillantes\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"caption\":\"Irma Brillantes\"},\"url\":\"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"PCI Compliance Supplement Gives Tips For Merchants | OTAVA","description":"Last month the PCI SSC released their Information Supplement: PCI DSS E-Commerce Guidelines focused on e-commerce merchants, and how to keep compliant.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/","og_locale":"en_US","og_type":"article","og_title":"PCI Compliance Supplement Gives Tips For Merchants","og_description":"Last month the PCI SSC released their Information Supplement: PCI DSS E-Commerce Guidelines focused on e-commerce merchants, and how to keep compliant.","og_url":"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/","og_site_name":"OTAVA","article_published_time":"2013-02-07T00:00:00+00:00","og_image":[{"url":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/pci-white-paper-sm.gif","type":"","width":"","height":""}],"author":"Irma Brillantes","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Irma Brillantes","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/#article","isPartOf":{"@id":"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/"},"author":{"name":"Irma Brillantes","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263"},"headline":"PCI Compliance Supplement Gives Tips For Merchants","datePublished":"2013-02-07T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/"},"wordCount":667,"commentCount":0,"publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"image":{"@id":"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/#primaryimage"},"thumbnailUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/pci-white-paper-sm.gif","inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/","url":"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/","name":"PCI Compliance Supplement Gives Tips For Merchants | OTAVA","isPartOf":{"@id":"https:\/\/www.otava.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/#primaryimage"},"image":{"@id":"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/#primaryimage"},"thumbnailUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/pci-white-paper-sm.gif","datePublished":"2013-02-07T00:00:00+00:00","description":"Last month the PCI SSC released their Information Supplement: PCI DSS E-Commerce Guidelines focused on e-commerce merchants, and how to keep compliant.","breadcrumb":{"@id":"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/#primaryimage","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/pci-white-paper-sm.gif","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/pci-white-paper-sm.gif"},{"@type":"BreadcrumbList","@id":"https:\/\/www.otava.com\/blog\/pci-compliance-supplement-gives-tips-for-merchants\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.otava.com\/"},{"@type":"ListItem","position":2,"name":"PCI Compliance Supplement Gives Tips For Merchants"}]},{"@type":"WebSite","@id":"https:\/\/www.otava.com\/#website","url":"https:\/\/www.otava.com\/","name":"OTAVA\u00ae","description":"","publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.otava.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.otava.com\/#organization","name":"OTAVA\u00ae","url":"https:\/\/www.otava.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","caption":"OTAVA\u00ae"},"image":{"@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263","name":"Irma Brillantes","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","caption":"Irma Brillantes"},"url":"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/"}]}},"_links":{"self":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/2263","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/comments?post=2263"}],"version-history":[{"count":0,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/2263\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/media?parent=2263"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/categories?post=2263"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/tags?post=2263"},{"taxonomy":"other_category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/other_category?post=2263"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}