What risk this creates: If customers enter their card details directly on your website (without being redirected to a secure payment page), your server is handling and storing sensitive payment card data. This creates several serious risks:
- You become a high-value target for cybercriminals seeking to steal card data
- Data breaches can expose thousands of customers' financial information, leading to identity theft and fraud
- You're legally liable for any security incidents involving customer payment data
- Compliance requirements after a data breach are extensive and expensive - you'll need regular security audits, encrypted databases, secure networks, and specialized staff
- Fines and penalties can reach hundreds of thousands of dollars for non-compliance or breaches
What you should do:
- Stop processing card data on your own server. Instead, let payment specialists handle this sensitive data:
- Use a hosted payment page: When customers check out, redirect them to your payment provider's secure, PCI-compliant page. The customer completes payment there, then returns to your site. This completely removes card data from your systems.
- Use an embedded payment form (iFrame): This displays a secure payment form that looks integrated into your website, but the form actually runs on your payment provider's servers. Card details never touch your system, and customers stay on your site throughout the process. If you go this route, you may need to carry out regular PCI DSS External Vulnerability Scanning.
- Choose a PCI DSS-compliant payment provider for either option. PCI DSS (Payment Card Industry Data Security Standard) is a set of security requirements that all businesses handling card data must follow.
The bottom line: Unless you're a large enterprise with dedicated security teams and substantial compliance budgets, handling card data yourself isn't worth the risk. Let the experts do what they do best while you focus on your business.
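To check which of the situations described above a checkout page is in, the following added example (not code from any payment provider) scans the page's own HTML for card input fields and provider-hosted iframes. The field-name hints, host names and sample pages are constructed assumptions, and fields rendered by JavaScript at runtime are not seen by this static check.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Heuristic markers for card inputs (assumed naming; adjust to your templates).
CARD_AUTOCOMPLETE = {"cc-number", "cc-csc", "cc-exp", "cc-exp-month", "cc-exp-year"}
CARD_NAME_HINTS = ("cardnumber", "card_number", "card-number", "ccnum", "cvv", "cvc")

class CheckoutScanner(HTMLParser):
    def __init__(self, site_host):
        super().__init__()
        self.site_host = site_host
        self.form_action = None   # action of the <form> currently open
        self.card_fields = []     # (field, form action) found in our own HTML
        self.iframe_hosts = []    # hosts serving embedded frames

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self.form_action = a.get("action", "")
        elif tag == "iframe":
            # A relative or missing src means the frame is served by our own host.
            self.iframe_hosts.append(urlparse(a.get("src", "")).hostname or self.site_host)
        elif tag == "input":
            label = (a.get("name", "") + " " + a.get("id", "")).lower()
            is_card = (a.get("autocomplete", "").lower() in CARD_AUTOCOMPLETE
                       or any(hint in label for hint in CARD_NAME_HINTS))
            if is_card:
                self.card_fields.append((a.get("name") or a.get("id"), self.form_action))

    def handle_endtag(self, tag):
        if tag == "form":
            self.form_action = None

def assess(html, site_host):
    """Return (verdict, evidence) for one checkout page served by site_host."""
    s = CheckoutScanner(site_host)
    s.feed(html)
    if s.card_fields:  # card inputs live in our own page: card data is typed into our site
        return "card-fields-on-own-page", s.card_fields
    external = [h for h in s.iframe_hosts if h != site_host]
    if external:       # inputs live inside the provider's document, not ours
        return "provider-iframe", external
    return "no-card-fields", []

# Constructed sample pages for the three integration styles.
DIRECT = '<form action="/checkout/pay"><input name="cardnumber" autocomplete="cc-number"><input name="cvv"></form>'
IFRAME = '<h1>Checkout</h1><iframe src="https://pay.provider.example/form?session=abc"></iframe>'
REDIRECT = '<a href="https://pay.provider.example/checkout/abc">Pay now</a>'

if __name__ == "__main__":
    for name, page in (("direct", DIRECT), ("iframe", IFRAME), ("redirect", REDIRECT)):
        print(name, assess(page, "shop.example"))
```

A verdict of `card-fields-on-own-page` is the case the risk list describes; `provider-iframe` and `no-card-fields` correspond to the embedded form and the hosted payment page.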