How to pass PCI compliance scans

Written by Jacob Nicholson

In this article we'll discuss PCI compliance requirements, explain what is PCI compliance, and give some steps to pass a PCI scan. PCI DSS stands for Payment Card Industry Data Security Standard. The PCI DSS was created back in 2004 by the four major credit card companies American Express, Discover, MasterCard, and Visa to help ensure that consumer payment card data is being transmitted and stored securely on the Internet.

PCI compliance requirements

If you have a website where you will be taking credit card numbers directly from your visitors, it's typically required to pass PCI scans before your site can be given a seal of approval for adhering to the PCI DSS. A PCI vendor will do a series of PCI scans on your website and provide you with a PCI scan report usually in PDF format that should include an actionable list of failures, and possible solutions.

Passing a PCI compliant scan attempt will genereally require changing some default settings on your server to be more secure before they proceed with the scan. Some of the most common things that will need to be done will be closing ports at the firewall, and ensuring that you're using up to date software.

Staying PCI compliant

PCI compliance is an on-going commitment, and most PCI vendors will require doing a new scan about once every 90 days or so to ensure that your website is staying compliant. Ensuring that your website stays PCI compliant can help keep your customers trusting you, as it shows them you're committed to maintain orders without the risk of a security breach and theft of their vital data.

If you've already had a scan run on your website and the test failed, you can e-mail a copy to us at support@inmotionhosting.com to have our system administration department review the scan for you. Below are some of the common things that can cause a PCI scan to fail initially. Over time each of these should also link for how to handle that type of failure on your own.

You should now understand about PCI compliance and why it might be important to have for your website if you're accepting credit cards.
Like this Article?

Login to comment.

Support Center Login

Your Opinion Matters

... but we need to know what you're thinking!

I'm Jacob Nicholson, your friendly Community Support technician, and I wrote the article you're looking at now. I like to think it's perfect, but I'm sure you have some suggestions. Please, let me know what they are!

Feedback
Your Email Address
Because we'd like to talk with you!

Latest Questions

If you need some help, submit your question to our Community!
We guarantee a response within 60 minutes (8am - 9pm EST, Monday - Friday)
Ask a Question!
Recent Questions
  1. Cpanel license is expired
  2. How do I provide a truly secure FTP site for my client to upload files with sensitive data (PHI - Personal Health Information, as referred to by HIPAA)?
  3. styles are not rendering on initial page load
Browse other questions

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!