Home > PCI Compliance, Security > Hosting Providers & Merchant Accounts – PCI Compliance Explained

Hosting Providers & Merchant Accounts – PCI Compliance Explained

February 23rd, 2009 Leave a comment Go to comments

There seems to be a great deal of confusion about PCI compliance, on the part of merchants and hosting providers. Who’s responsible for what?

First, the merchant (web host) always remains responsible for compliance – to be certified. Their hosting provider (data center) is responsible within the scope of the infrastructure and services they provide to the merchant – for example, real estate (floor, electricity and controlled physical access). If a hosting provider also manages the merchant’s network, then they’re responsible for that specific scope of compliance.

Having said that, the merchant is required to monitor compliance of their service providers and manage any non-compliant risks, but a hosting provider’s PCI compliance isn’t mandatory for merchants to use that provider.  As a merchant who accepts card payments for products or services, you are obligated to be PCI compliant – but not for the environment in it’s entirety, rather limited to the processing of the credit cards, storage of that data and their respective transmission gateways. To that end, PCI is technology neutral, meaning you don’t have to build out with specific infrastructure.

So what are the minimum requirements? A couple of servers. a firewall, logging, monitoring and IDS / IPS (intrusion detection and intrusion prevention systems) capabilities.

Categories: PCI Compliance, Security Tags:
  1. July 27th, 2009 at 15:43 | #1

    Finally someone who can write a good blog ! . This is the kind of information that is useful to those want to increase their SERP’s. I loved your post and will be telling others about it. Subscribing to your RSS feed now. Thanks

  2. January 5th, 2010 at 10:43 | #2

    I was doing some random seaches through google and found your website. Your insight into Hosting Services is not only spot on, but entertaining to read. Thanks

  3. Elton Trollope
    October 3rd, 2010 at 01:54 | #3

    “I am speechless. This is a outstanding webpage and extremely partaking as well. Wonderful function! That’s not seriously significantly returning from an amateur publisher like me, but it’s all I could say after diving into your posts. Wonderful grammar and vocabulary. In contrast to other weblogs. You really know what you are talking about very. A lot that you just made me wish to study additional. Your weblog has turn into a stepping stone for me, my fellow blogger. Thanks for the in depth journey. I seriously enjoyed the eight posts that I have study up to now. “

    • October 29th, 2010 at 10:41 | #4

      I think if you simply blog what you’re passionate about, everything works out fine.

  1. No trackbacks yet.
You must be logged in to post a comment.
Privacy Policy | TOS