Information Security Leader, Author, Instructor and Speaker

Inside the PCI DSS E-Commerce Security Guidelines

Posted on July 1, 2013 in Articles

Many e-commerce companies are increasingly relying upon third-party service providers to assist with the processing of credit card transactions. Outsourcing this activity to providers can help ease the burdens of processing and securing transactions as well as implementing many PCI DSS compliance requirements. In response to this trend, the Payment Card Industry Security Standards Council recently released the PCI DSS E-Commerce Guidelines that provide merchants with a clear path to PCI DSS compliance.

The primary focus of these guidelines is ensuring that merchants understand the risks associated with outsourcing. Outsourced environments are vulnerable to all of the same web security risks facing in-house implementations, including SQL Injection, Cross-site Scripting, Cross-site Request Forgery, and security misconfigurations. The guidelines ensure that merchants select compliant service provider partners and clearly delineate the responsibilities for PCI DSS compliance that rest with the merchant and those that rest with the service provider.

Originally published on SearchSecurity.com
