At 3dcart we have just completed our annual re-certification of Payment Card Industry Data Security Standard (PCI-DSS), the strictest industry-recognized information security standard in the world. This achievement of compliance means that 3dcart’s users can be confident in the security of their e-Commerce platform.
We selected Security Metrics, one of the leaders on data security and PCI compliance, for 3dcart's latest PCI Certification.
Why 3dcart Will Never Ask You to Pay A So-Called “PCI Compliance Fee”
At 3dcart, our business revolves around transparency. A healthy and trusting customer community is core to how we make progress as a software company.
In the past, We've written extensively about the benefits PCI compliance brings to online merchants like you. In light of recent events, it’s time for a gut-check on PCI compliance—what it is, why it’s important, how its attained, and what it costs us to make sure all of our customers run a compliant business.
We created this primer to clarify any misconceptions you may have about PCI compliance. Most importantly, we want to demonstrate why we’ll never charge your organization monthly PCI compliance fees—and why any company charging these fees may be exploiting its customers.
First, let’s get up to speed on what exactly PCI compliance is and why it matters.
A Quick Look at PCI Compliance
Many of you know that PCI compliance means your business fulfills a set of criteria set forth by credit card companies. These criteria were created to protect you, the business owner, just as much as they’re meant to protect online shoppers.
Put simply, compliant stores are proactive in defending against fraud.
Fraud, pirated personal information, and identity theft are real threats online. By creating tough standards for online business, the card companies protect themselves from bad payments. Everyone benefits—except the fraudster, of course.
Now, PCI compliance is necessary for running an online business. But before it was required, 3dcart's executive team made it a priority. We saw the importance of protecting your business in an era of the web that very much resembled the Wild West.
Fast forward to 2013. Technology (along with online fraud) has evolved. Compliance rules have evolved with it. Our technology has kept pace.
Has the cost of PCI compliance risen significantly higher than when standards first emerged? No, not the way we see it. Here’s the annual process for staying compliant and associated costs.
How We Became A PCI Compliant Business
Earning compliance is no simple task. As a software solution, 3dcart must meet high standards of quality.
We won’t bore you with the details, but here are the highlights:
- In the beginning, 3dcart’s development team spent weeks fortifying the software to meet security standards. Our software underwent rigorous testing by third-party consultants to make sure it was up to snuff.
- Now, we stay on top of new security tactics so we can meet standards without much effort when the annual test rolls around.
- It costs 3dcart less than $60,000 annually to stay compliant. With 16,000+ customers, that’s a manageable fee for our organization. (It’s something a top-tier shopping cart should do anyway to keep its status.)
- To read about the whole process, visit the PCI Security Standards Council website.
Why We’ll Never Charge Our Customers PCI Fees
Frankly, we haven’t incurred any new extra costs from compliance. Why should you?
Like your online store, 3dcart is a business. We make our margins in order to stay profitable. Some of those profits go back into a product that we can take pride in. The rest keeps our staff loyal and motivated.
We aren't here to make a quick buck. We’re much more interested in sticking around for the long term. After all, long-term prosperity is the cornerstone of building a successful brand. We want our customers to connect with that brand over the next year, decade, and century.
The trust of our customers is core to that brand. Keeping that trust requires us to make our margins in transparent ways. That means no pure-profit schemes that exploit you, the customer.
As a business owner, you understand going to great lengths to create lifelong customer. That’s the kind of relationship we hope to create with you.
For all of these reasons and more, we’ll never charge you fees for invisible services. And you shouldn't settle for anything less.