The Authorize.Net Developer Blog

Posts from Authorize.Net employees, community members and experts about integrating with the Authorize.Net Payment Gateway: sample code, tutorials, and problem-solving techniques, just to name a few.

PCI SSC releases E-commerce Guidelines Information Supplement

by Administrator Administrator on 02-20-2013 07:44 AM

The Payment Card Industry Security Standards Council recently released the PCI DSS E-commerce Guidelines Information Supplement. This document is an excellent resource for any developer engaged in an e-commerce project involving card payments. It provides an introduction to e-commerce security and guidance in the following key areas:

  • E-commerce Overview – an explanation of typical e-commerce components and common implementations, with an outline of high-level PCI DSS scoping guidance to be considered for each.
  • Common Vulnerabilities in E-commerce Environments – vulnerabilities often found in web applications (such as e-commerce shopping carts), so that developers can emphasize security when developing or choosing e-commerce software and services.
  • Recommendations – best practices that developers can leverage to help secure their clients' e-commerce environments, as well as a list of recommended industry and PCI SSC resources to leverage in e-commerce security efforts.

The guidelines can be found here: https://www.pcisecuritystandards.org/pdfs/PCI_DSS_v2_eCommerce_Guidelines.pdf

After you've read the document, come back and let us know if you found it helpful.

Richard