When you install a new payment plugin, you have to take into account PCI DSS compliance. PCI DSS is a standard published by the PCI Security Standards Council. PCI DSS compliance is a broad subject, and multiple parties are involved in the process, each having its own obligations.
Not meeting the designated obligations increases the risk of a breach, which is the merchant's liability. Penalties include considerable fines and the banning of the merchant from electronic payments.
Merchants accepting online payments should have a completed SAQ (Self-Assessment Questionnaire) document to confirm that their system meets the PCI DSS standards. According to the PCI Council, SAQs are:
[...] validation tools intended to assist merchants and service providers in self-evaluating their compliance with the PCI DSS.
The payment plugin is where all the cardholder data is handled and exchanged with the payment gateway. Hence you need to have a SAQ completed for each installed plugin, because each plugin can be written differently and is a potential point of failure.
By using one of our plugins, you are already one step closer to PCI DSS compliance, since we take into account the technical requirements that payment gateways have.
However, to help you complete your SAQ document, nop-payments.com has partnered with SecurityMetrics, a leading provider and innovator in data security and compliance for organizations worldwide. Through this partnership, we want to facilitate your compliance process, and we've also negotiated discount pricing to save you money!
Contact us, and we can help you start your compliance process today!