Unfortunately, we are not currently fully PCI compliant as compliancy standards are constantly being updated.
If you are using the Manual Payment Processing option, the most important thing you need to concern yourself with in remaining compliant yourself, is your own practices with regard to storing orders under 'Tools' -> 'Orders'.
These orders are securely stored and encrypted on our system, but they do still contain sensitive information. Make sure that you are not unnecessarily storing orders on your website.
The Orders section is in place to allow you time to perform any necessary actions on an order, but once the transaction is complete, you should delete it to ensure that you stay compliant.
If you need to keep a record, it is at your discretion and responsibility to retain a printed copy, but we do not recommend that you retain orders more than a month old on your website.
|