Cardholders (i.e., your ecommerce customers) do not want to deal with their debit and credit cards being stolen and used to make fraudulent purchases. Similarly, others in the credit card processing industry do not want to be addressing fraud claims with customers and merchants, canceling and reissuing cards, or perhaps more importantly, covering chargebacks due to stolen credit card information.
From credit card issuing banks, to card networks like Visa and Mastercard, through individual acquiring banks, merchant services payment processors, payment gateways, and cardholders, everyone is counting on you to make good security decisions.
You may be fined by your payment processor, or have to pay fees and penalties in order to be allowed to accept credit cards. You could also be turned away by your payment processor.
Additionally, in the case of a data breach where credit card data is stolen, you could be responsible for significant fines and damages. When you’re not compliant, you bear additional financial and legal risks that could be extremely damaging to your business.
While not everyone who breaks the rules will receive unwieldy fines, breaking them can still damage your customer relationships and reputation, and cause a variety of disruptions.
Proactive:
Reactive:
We wish that security was that simple. The PCI regulations are meant to set basic standards. When adhered to, they significantly limit your risk profile. However, technology changes constantly, and ecommerce websites, such as those that use Magento, are each unique. That’s why we at JetRails, on the front lines of eCommerce security, must go above and beyond basic standards to keep you safe and secure.
At JetRails, your security is our priority. That’s why we’ve created solutions like a Magento Two Factor Authentication (2FA) extension, and made it available for free through GitHub. We’ve also created Magento 1 & 2 Cloudflare extensions that make it easier to use Cloudflare with your Magento site.
Additionally, we have partners that can provide additional services and solutions. For instance, as part of our Magento 1 End of Life Hosting program, we have relationships with Mage-One and OpenMage.
Most JetRails clients do migrate to a JetRails hosting account, whether that be on our fully-managed dedicated servers and clusters, or on a public cloud like AWS or DigitalOcean. However, if you have your own hosting environment, but need assistance in securing it, our team does provide consulting services.
Web hosting is an important factor, but it’s not the only factor. There are other steps that you should take to ensure that credit card data remains safe, such as applying security patches to your website itself. There are also vendors that you should employ, such as a secure payment gateway – JetRails can recommend several – and an authorized PCI scanning vendor.
At JetRails, while we can help to block a lot of bad traffic, we also recommend services that will help you avoid receiving and/or fulfilling orders placed with stolen credit cards. It’s all part of our commitment to bringing the best solutions possible to our eCommerce clients.
While PCI Compliance is important for those who accept credit card information, you may also be subject to other rules and regulations, such as HIPAA, GDPR, CCPA, or other data privacy standards. Need to adhere to other regulations? Our team is here to help!