BigCommerce Is Now PCI Compliant
It’s official – BigCommerce is now PCI compliant.
We’ve completed thousands of changes that have taken thousands of man hours. We have the signed Attestation of Compliance and have worked with our assessing company for more than 12 months now to make this happen.
It’s a great day for all of us and we’re proud to be one of the very few hosted shopping cart platforms that is PCI compliant.
Thanks for your patience over the last year. PCI compliance is definitely the most challenging project we’ve ever undertaken and I’m proud of how our team came together to get the job done.
Below I’ve included answers to some common questions about PCI compliance.
What Is PCI Compliance?
According to Wikipedia…
The Payment Card Industry Data Security Standard (PCI DSS) is a worldwide information security standard defined by the Payment Card Industry Security Standards Council. The standard was created to help payment card industry organizations that process card payments prevent credit card fraud through increased controls around data and its exposure to compromise. The standard applies to all organizations that hold, process, or exchange cardholder information from any card branded with the logo of one of the card brands.
What Does This Mean For Existing Clients?
As an existing BigCommerce client it simply means that the security around our data center and software is certified as rock solid. There are no changes you need to make and your store is PCI compliant.
How Can I Prove To My Bank You’re PCI Compliant?
Your bank will require a copy of our Attestation of Compliance, which you can download as a PDF. Simply email this document to your bank. That’s all you need to do. BigCommerce will appear in Visa’s list of PCI compliant solutions in the next 3-4 weeks.
What About PA-DSS Compliance?
Because BigCommerce is an application developed by us and hosted on our PCI compliant network, it is not required to be PA-DSS compliant.
Have More Questions?
Please feel free to call or email our support team. They can answer any and all questions you have about PCI compliance.
The official announcement has also been posted on our blog.