Guerrilla Marketing Blog

Tips & Tactics from your friends at The Clever Robot!

Clever Robot Hosting and PCI Compliance

PCI Comp BlogThe information provided in this FAQ is meant to be helpful to you, but please note that The Clever Robot Inc. is not qualified to assess your compliance with the standards discussed here or any other legal obligations you may have. You are responsible for understanding the risks and requirements related to accepting online payments and for seeking third-party experts should you require any assistance.

What is PCI?

The payment card industry (“PCI” for short) is the global collective of businesses associated with accepting and processing credit and debit card payments. The PCI Security Standards Council (“PCI SSC”) is an industry group, comprised of American Express, Discover Financial Services, JCB, MasterCard, and Visa, which has established the PCI Data Security Standard (“PCI DSS”), the most recent version of which was released in April 2016. PCI DSS provides a set of consistent security measures for anyone processing credit card payments or otherwise managing cardholder data. More information can be found on the PCI SSC web site.

Who needs to be compliant?

PCI DSS is an industry standard that applies to anyone who stores, processes, or transmits cardholder data. If you are licensed by or accept payments for or on behalf of any of the participating members of PCI SSC, you must comply with the standards they publish. Each member is individually responsible for enforcement and may have different requirements for proving compliance, though traditionally they all follow the published standard.

Is Clever Robot Hosting PCI compliant?

Yes. For the payment-related data we collect from you, we are fully compliant with PCI DSS v3.2. (Because we don’t handle cardholder data and our Acceptable Use Policy prohibits you from doing the same, we have no plans to obtain a PCI Report-on-Compliance.) This does not mean you’re in compliance simply by hosting with us, however. We don’t operate your web site or interact with your end users, and you are responsible for the way in which you collect, store, or process any cardholder data. The good news is that compliance isn’t hard, as long as you understand the requirements.

Ok, so how do I comply?

Since PCI DSS applies to “entities that store, process, and/or transmit cardholder data,” the easiest way to address the standard is to simply avoid storing, processing, or transmitting cardholder data. If you host an e-commerce site, there are third-party payment processors who can accept and process credit card payments on your behalf. Some examples include, Braintree, Payeezy, PayPal Pro, and Stripe. Each third-party payment processor is responsible for maintaining information about their own compliance and may be able to help you with any PCI reporting or attestation requirements.

Do I have to use a third-party payment processor?

Outsourcing your payment processing is the easiest path to meeting your PCI DSS requirements. It is also the only choice that is compatible with our Services. The Clever Robot Inc.’s Acceptable Use Policy prohibits you from using our Services to store, process, or transmit cardholder data. If you have any further questions, we are more than happy to talk to you and/or your third-party developer, auditor, or assessor.

If I take these steps, will my site pass a PCI audit/scan?

If you are providing e-commerce services and choose to include your Clever Robot hosted site in your PCI vulnerability scanning scope, please be aware that scan results may not be correct as we run customized versions of various components. In any case, we suggest you confirm with your PCI QSA whether your Clever Robot site should be included or not as they may not be clear on how your Clever Robot site works.

Your web content drives prospects to your site, grabs their attention, and captivates them long enough to convert them to customers.

At The Clever Robot, we understand how busy it is to be an entrepreneur. While nobody knows your business better than you do, its not always wise to spend your valuable time writing content. Let our experts help you optimize your time and your website with their professional copywriting services.

The Clever Robot copywriting services are available for your existing website, a website purchased with the Clever Robot, or for any projects you may be considering with another website designer.

Professional & Affordable

SEO optimized copy for your website at affordable prices.

No Overseas/Offshore Outsourcing

US-based, English Speaking, college educated writers.

Fast Turnaround

New articles and artwork can be delivered as quick as 24 hours.

Lets Get it Started

Simply complete the short form below and The Clever Robot will follow up to discuss your website. Please enjoy this article packed with information about what and why you need to optimize your pages and start ranking online.

    "I don't have time for all this mumbo-jumbo, can I just talk to somebody?"

    (336) 767-4312

      "I don't have time for all this mumbo-jumbo, can I just talk to somebody?"

      (336) 767-4312