PCI Compliance Made Easy

For most people, the world of PCI (Payment Card Industry) is very complicated, frustrating, and extremely boring. So, in an effort to help you keep your sanity, I've put together the following information for every online business owner who has been told that they need PCI Scanning or PCI Compliance for their website, but never gets a straight answer as to what it is, why they need it, what to do about it, or how to get it. My goal here is to simplify PCI for you so that you can make a clear, educated decision and weigh your options on your terms. You won't find any other resource like this online, so be sure to bookmark it so you can easily access it again.
I should also mention that while we go to great lengths to provide you with information that is as accurate as possible, we don't make the rules, laws and/or regulations that govern PCI, and the information below may change at any time. So, if your bank or acquirer (that's one of those ambiguous words I'll define for you below) tells you something different from what is stated below, we recommend you follow their instructions. This document is for information purposes only. For the official 'migraine-inducing' documentation, go to www.pcisecuritystandards.org.
Okay, here we go... First the basics...

What is PCI and how does it apply to me?

PCI stands for Payment Card Industry. The official name is the PCI Security Standards Council (or PCI SSC, but most people usually just say PCI or PCI Council). It is an organization that was founded by the five major credit card companies (American Express, Discover, JCB, MasterCard, and Visa) in order to create a uniform set of security standards for companies to follow when processing credit card transactions. Until the PCI Council was organized, each of these companies had their own standards that were similar to each other but not uniform, which created a lot of problems.
I'm a Level 4 Merchant and I heard that PCI Scanning was optional, is that right?

According to the new standards, if you are a level 4 merchant that processes less than 20,000 transactions, you don't store payment card information on your server, and your shopping cart provider is PA DSS validated, then you may not need to do quarterly scans, but you will still need to fill out the annual SAQ. However, if your shopping cart provider is not PA DSS validated, then you will need to be PCI DSS Compliant and provide an annual SAQ and quarterly scans of your IP, and possibly scan your shopping cart provider's IP if the shopping cart is hosted on their server and not directly on yours.
For example, here's what Bank of America states on their website... Effective October 1, 2008: PCI Level 4 merchants using third-party software are required to either use PA-DSS-validated payment applications or meet PCI-DSS compliance requirements in order to board as a new merchant with Bank of America. What it really boils down to is your acquirer's (your merchant bank's) specific requirements, as each acquirer's requirements are different. Your acquirer has a lot of influence on what you need to provide as far as PCI DSS compliance. If you are concerned about your liability or your responsibility as a merchant, contact your acquirer and ask them what they want from you in order for you to meet PCI DSS Compliance requirements.

Is it difficult to set up PCI Scanning and complete the SAQ?

Trust Guard makes it easy with our SAQ wizard, so it really depends on which company you use. You can usually tell if you're going to have a problem if the company is very technical in their sales and marketing approach. In other words, if you can't understand what they're saying before you sign up, chances are it's not going to get any easier after.
At Trust Guard we do everything we can to simplify and streamline the process by providing easy setup options and helpful wizards to assist you throughout the process. We even have dedicated PCI support staff available in case you have any problems or need guidance in fixing a vulnerability on your server.

What is the difference between Quarterly Scanning and Daily Scanning?

Other than frequency, they're the exact same service. Quarterly scanning is just the minimum number of scans required for PCI DSS Compliance for all merchants. There are, however, two very good reasons to do daily scanning. The first reason is to make sure that your server is continually checked and protected against any new vulnerabilities that come up - I like to think of it as anti-virus software for your server. The second reason is to make your customers feel more comfortable. Think of it this way... Would you rather buy something from a website that is scanned for vulnerabilities once every three months or scanned every single day? Same with your customer. Obviously daily scanning is more expensive, but the price per scan is much lower, making it more affordable.
What do You Recommend?

Here's where PCI DSS gets very interesting in my opinion, because here at Trust Guard we view PCI completely differently than any other company that offers PCI Scanning. While it is very important to have security measures in place to protect your customers, in our opinion, the true, long-term value of PCI DSS Compliance is MORE TRUST. Our motto here at Trust Guard is that Trust = Conversion, and we know, from seeing thousands of test results, that the more your customers trust you, the more likely they are to buy from you. If you consider the odds that a hacker is actually going to hack into your server or your shopping cart provider's server and steal your customers' credit cards, it's very unlikely, but that's not the point. The point is that by implementing PCI DSS, you've lowered the odds even more, and by your actions you have shown your customers that you truly care about their security, and that gives them additional peace of mind, which means more sales and more money to your bottom line.
For anyone who is serious about their online business, I recommend that even if PCI DSS Compliance is not required by your acquirer, you still have your site scanned, because your site will be much safer. Our seals are awarded based on successful PCI Scans, not on PCI Compliance, which gives you more flexibility. You'll get more sales and more repeat customers by having a Trust Guard Security Scanned seal on your site than without one, a great deal when you consider how affordable we've made it for small businesses.

Why are Your Competitors so Expensive?

Good question - we've asked ourselves the same thing. Our PCI Scanning services are generally more thorough, we typically scan for more vulnerabilities than the competition, and we do ASV (Approved Scanning Vendor) scanning just like theirs.
What can I expect once I sign up for Trust Guard PCI Scanning?

As soon as you sign up for our PCI Scanning service, you get an email with access to your Member Control Panel, where you start the verification process. One of the verification options in your control panel allows you to add your website's domain or IP address (along with additional IP addresses applicable to your website) into the system and start the PCI scanning process. As soon as the scans are complete, you will be able to review the reports and see if there are any critical vulnerabilities that need to be resolved by you, your host, or your shopping cart provider. There is also direct access in your control panel to the SAQ (Self-Assessment Questionnaire), along with helpful instructions that simplify the process so that you can complete the questionnaire as quickly and accurately as possible. As soon as your scans pass and your SAQ is complete, you simply forward them on to your acquirer. The process is very straightforward and user-friendly.
What makes Trust Guard PCI Compliance Scanning Different?
• Price - Our price is more than half of our competitors, which makes it much more affordable for online businesses.
• Fixed Pricing - Do you despise price increases? So do we, that's why your price is locked for life. Once you purchase, your price will never go up.
• No Contracts - We want you to stay with us because you want to, not because you have to. Therefore we do not require you to commit to any contract whatsoever.
• Customer Service - If you ever have a problem, our professional staff is available by Phone, Chat and/or Email. Furthermore, if you ever call, you will talk to a real customer service rep and not a machine.
• Additional Site Discounts - We reward our valued members with deep discounts on any additional sites, and even give them the ability to effortlessly manage multiple domains with one account.
• Verification Seals - We offer our Privacy Verified and Business Verified seals, which perfectly complement the Security Scanned seal and are proven to further increase your conversion rate.
• Outstanding Guarantee - Our 60 day Double your Money Back Guarantee is the best in the industry. At Trust Guard we put our money where our mouth is!
• Bonus Fail Over Security Seal - The Security Scanned seal comes with a special backup feature unique to Trust Guard. If for some reason your website doesn't pass the stringent PCI Security Scanned seal requirements, the system will automatically display the Security Verified Seal as a proxy. Then, when you fix your vulnerabilities and your site passes the necessary PCI Scan, the Security Scanned seal will again display - this unique backup feature ensures that you always display a valid security seal on your site.

Final Thoughts

In my opinion, the true value of PCI compliance really boils down to two things: 1. Your peace of mind and 2. Your customers' perception of your website's security. When your customers perceive that your website has advanced security measures in place to protect them, they have much more confidence and trust in your website, and are more likely to buy from you, which in turn increases your ROI.
In nearly every case, the return is far more than it ever costs for the service. Click to see your ROI with Trust Guard seals.
Well, I hope this information has helped you see PCI from a new, fresh perspective, and that you'll be able to make a better, educated decision when it comes to PCI Scanning and compliance. Here's to your online success!

Sincerely,
Scott Brandley
Co-founder, Trust Guard