PCI Scanning stands for "Payment Card Industry" scanning. It involves having a PCI ASV (Approved Scanning Vendor) scan any and all IP addresses that the public has access to, related to your website or your site's transaction process.
Basically, when your merchant account provider or bank asks you to conduct a PCI Scan, they are asking you to ensure that all IP addresses that feed into or out from your site are clean and virus-free.
PCI stands for Payment Card Industry. A group, known as the PCI council consists of the five major credit card companies. They came up with a set of security standards in order to ensure that there is consistency throughout when processing credit cards.
If you are a merchant or service provider and accept credit cards you must confirm PCI compliance at least once a year. In order to be PCI compliant, network security scans, or PCI scans, are mandatory for all merchants and service providers that collect, process, or transmit payment card account information.
So what exactly is PCI scanning? It is when an ASV (Approved Scanning Vendor) scans your website to check for any vulnerabilities. All PCI scans must be conducted by a third party compliant network security scanning vendor. The scanning usually includes your websites IP address, but if you transfer your customers to a third-party shopping cart during the checkout process, then you should include their IP address to be scanned as well. This is very important because you could be held responsible if anyone gets a hold of your client's payment card information anywhere along the transaction process.
http://hubpages.com/hub/what-is-pci-scanning
No comments:
Post a Comment