I have really enjoyed doing my research on PCI Scanning and sharing all that I have learned with you. I have learned so much and it has definitely been a real eye opener for me. There is so much more to learn about PCI Scanning, but my latest topic of research has been on how to become PCI certified.

To become PCI Certified you must complete several different things such as:

• Complete the Self Assessment Questionnaire according to the directions. The SAQ is just a list of questions about your website and your current security practices.
• Complete a vulnerability scan through an approved scanning vendor (ASV) and show proof that you passed the scan.
• Complete the entire relevant Attestation of Compliance which is located in the SAQ.
• Submit all your documentation to your acquirer and let them do the rest.

You must comply if you accept any sort of credit card information on your site. For most sites it isn’t an option, and you must become PCI Certified or risk facing some serious consequences such as big fines or not being able to handle credit card information anymore. For the sites that aren’t required to become PCI Certified it is still a good idea to do it and can end up being very beneficial for you. It does cost money, but the payback should make it worth it. What payback might you ask? Well when customers know that you are taking their security seriously, and they can see that you are using a third party to secure your site then you should see a bigger increase in sales because your customers will trust you more.

Once you are PCI Certified you will have to complete the self assessment questionnaire once a year as well as complete scans on a regular basis which is determined by your acquirer.