From October 1st 2008, all
processing card payments that
involves receiving and/or passing on client's data via one's own
computer must be PCI DSS (Payment
Card Industry Data Security Standard) compliant. This involves
quarterly checks by scanning (this includes compulsory purchase of
software - and then of course regular updates!), filling in (or
is out?) declaration forms, bottom inspectors freely permissible
to inspect the premises, etc, and having to pay a third party for
the privilege of.
There are books and services advertised that are probably a total
waste of money, as information is freely available if one has time,
and also there are companies that will assist in all matters, and at
a reasonable cost if the card company has redirected the merchant to
But whichever way one decides to look at it, as from the 1st of
October the merchant that is selling via mail order and/or a website
where a shopping cart is incorporated is going to have to pay more
for the privilege of receiving money via credit and debit cards. My
own guesstimation for any merchant who processes through a server
within their own computer is going to have to pay an additional £300 plus! How this extra cost is
passed on is up to the individual.
make a fortune, others earn a mint
will impose a fine of £5000 to £50,000 on any merchant if a
client's card is 'compromised' due to failure to follow guidelines
and correct procedures.
That would make me flippin'... skint!
Having spent some hours researching and reviewing all this,
as from now no payments will be accepted via the email system. So I
do not lose the will to live, this here business is sticking to PCI DSS
Validation One. Thus:
Payment with a credit or
debit card will be via the telephone, or PayPal.
PayPal is on a secure server, and one
will not have to be a 'member of PayPal' to pay via this facility.
It is there for all to use.
Please be aware that as set out by PayPal's (one of many) rules, the
merchant is to await guaranteed clearance of funds before sending
goods. It is endeavoured to continue with a post-haste service
(get it?), thus, at the end of the day, I will determine the risk.
That is, unknown clients to myself that PayPal has not immediately
verified, in particular on larger £ orders, might have to wait a
few days before the goods are dispatched.
As the norm, the customer is notified when payment has been
received, date of dispatch of goods, and where applicable, the