No. An SSL certificate is just one piece of the puzzle to becoming PCI compliant. You must establish strong encryption of the cardholder’s data during transmission over open, public networks. In addition, you need to validate that the website operators are a legitimate, legal organization.
Articles in this section
- How do I become PCI Compliant?
- What are the PCI compliance levels and how are they determined?
- If I only accept credit cards over the phone, does PCI still apply to me?
- My business has multiple locations; is each location required to validate PCI compliance?
- Are debit card transactions in scope for PCI?
- Am I PCI compliant if I have an SSL certificate?
- What are the penalties for noncompliance?
- What is defined as ‘cardholder data’?
- What is the definition of merchant?
- What constitutes a payment application?