The PCI Security Standards require all merchants, regardless of size or number of transactions, who accept, store, transmit or process any cardholder data to comply with PCI DSS. The requirements, for the majority of merchants, are an Annual PCI Self Assessment Questionnaire and a Quarterly Network Scan.
As a merchant accepting card payments Archan Publishing is required to comply with PCI DSS. As a service provider, PayPal is also required to comply with PCI DSS. The majority of ofPayPals services form part of Archan Publishing's PCI DSS compliance solution by easing the burden of PCI compliance on us.
Those services that Archan Publishing use that are PCI compliant and handled by PayPal are Website Payments Standard. PayPal handles the payment card information on Archan Publishing's behalf and so greatly eases the burden of PCI compliance. Also our customers shopping experience is totally outsource to PayPal.
By using a PCI-compliant third party service provider (PayPal, Auth.net, etc.) we therefore limit your scope of compliance. And, as our e-commerce business accepts less than 300,000 card payments per year, we have a responsibility to self-assess our compliance rather than hire a PCI QSA.
Our security standard is enhanced by PayPals compliance and our business SSL Certification.