PCI DSS certification peculiarities for e-commerce

E-commerce is gaining popularity all over the world at a great rate. But what does an ordinary person know about e-commerce? How does one distinguish e-commerce from traditional commerce?

E-commerce web portals provide the following definition: e-commerce is a field of the economy that includes all financial and commercial transactions, carried out with the help of computer networks, and business processes related to these transactions.


How can you tell that a company is engaged in e-commerce?

A company is engaged in e-commerce when a client purchases a good or service through its website without calling or visiting the office.

Take, for example, the purchase of a children's book. A customer sees the book on the website and decides to give it to his child. He fills out a simple form on the website, where he enters his card data and thus makes the payment. Then he collects the book at the nearest post office.

Or another example: booking and paying for a hotel room. A client chooses the room he wants, fills out the booking form, and pays for his reservation with a payment card.

These are examples of e-commerce.

Is your company engaged in e-commerce?

If so, you have probably already appreciated the convenience of this form of business. And, of course, you need no explanation: you already understand that the future belongs to e-commerce.

Let’s look at the mindset of your customer!

He chooses a product or service on your company’s website.

What does the customer want?

Does he want to go across the city in order to make a payment in your office? Of course not! Modern people are very busy!

Perhaps the customer wants to receive a tax invoice with bank details and go to the bank to pay for the good or service? Not that either! It takes time: there may be a queue at the bank, the working day may be over, or it may be a day off. A modern customer is a metropolis resident. He is very busy and pampered.

So, what does the customer want?

Most customers want to be able to pay directly on your website with their payment cards.

A card payment is convenient for both the customer and your company. The customer has a fast and reliable way to pay for his order. For your company, it reduces risk. The chance that something will happen to cash is high, whereas card payment excludes this risk.

Which option is less risky: when the money for an expensive TV comes directly to your company's account, or when a courier delivers this TV to the client and returns to the office with cash?

The courier may never bring your cash to the office. He can lose it or steal it, or he can be robbed. Cash is constantly under threat.

Based on this example, card payment for goods or services is more beneficial and secure than cash payment.

Many e-commerce companies refuse to accept cash and are switching completely to card payments.

This is an excellent solution, but there are two problems these companies face.

The first problem is that customers, especially in Ukraine, do not trust online payment for services or goods.

People are afraid of fraud; they are afraid of losing their money. This is a fact, and it must be taken into account when setting up the company's business processes.

The second problem is that before the company connects to the payment system and starts accepting card payments, it must fulfill the basic requirements of the companies that are leaders in the payment system market, such as MasterCard Worldwide and Visa International.


These requirements concern the security of electronic money. Visa and MasterCard share the same goal: card payments should be safe.

To solve these two problems, your company needs to undergo an audit and get a certificate of compliance with the PCI DSS standard.

You can read what the PCI DSS standard is in our article “About the PCI DSS certificate”.

When your company has a certificate of compliance with the PCI DSS standard, your customers need not fear fraud on your part and can safely pay for your company's products and services with payment cards directly on your website.

Without the PCI DSS certificate, banks won’t provide you with the services for accepting card payments. It means that the customers will not be able to pay for your product or service directly on the website, which will inconvenience them and, as a consequence, you may lose some of your customers.

Once it has obtained a certificate of compliance with the PCI DSS standard, your company can be connected to the bank's payment system without any further problems.

The following situation occurred in our practice. Representatives of a small online store contacted us with a request to help them complete PCI DSS certification.

The store owners had decided to accept online payments from their customers. To do that, it was necessary to connect the store's website to the payment system of a large Ukrainian bank.

The first thing the bank did was lay down a mandatory condition: the online store must undergo PCI DSS certification.

The bank cares about its customers' money and its own reputation. Therefore, it requires the online store to be certified in accordance with the PCI DSS standard.

Security at every stage of the movement of money is extremely important for the bank, and only a PCI DSS certificate can guarantee this security.

Our specialists helped this online store fulfill all the requirements. The satisfied client received his PCI DSS certificate within two weeks. The bank connected the store to its system, and the business started operating.

The PCI DSS certificate opens the door to the world of e-commerce for your company. It also guarantees security to your customers.

There is another example. A foreign company was urgently required to comply with the PCI DSS standard. The company’s representatives contacted us with a request to help them with that.

This company caters to wealthy people and provides services for online limousine booking in the United Arab Emirates.

Customers of such a service need very serious protection of their money. They want to be sure that the company is reliable and trustworthy, and that their personal data is protected against possible fraud.

The tool for building that confidence is, of course, a PCI DSS certificate.

It took only two weeks for this company to undergo the PCI DSS certification.

As these two examples show, a certificate of compliance with the PCI DSS standard is necessary for both large and small businesses.

Small online stores can undergo the PCI DSS certification online.

Authors of the article:
Александр Куберский, Катерина Старчак.

