Solutions keyboard_arrow_down keyboard_arrow_up
Our Solutions
Ontraport's solutions work together to give you everything you need to run your business in one centralized, easy-to-use platform.
Get a demo
Resources keyboard_arrow_down keyboard_arrow_up
Resources
Find free content on the latest marketing strategies, using Ontraport in your business, and finding the right software.
Visit the blog
Pricing Chat
HomeOntraport for paymentsSetup and orientation > Storing credit card information + PCI
Home > Setup and orientation  >  Storing credit card information + PCI
error
Attention: this video showcases a feature that has since been updated. Please check out the support article.
Storing credit card information + PCI
Ontraport safely stores your customers’ credit card data so you can run subscriptions, payment plans and manually charge your customers anytime. Here’s how it works.
You'll learn:
  • How Ontraport keeps your data safe
  • The importance of PCI compliance and how it benefits your business
  • Simple tips for keeping your customers’ info secure
Instructor
Mattew Bixby
Storing credit card information + PCI
Ontraport safely stores your customers’ credit card data so you can run subscriptions, payment plans and manually charge your customers anytime. Here’s how it works.
You'll learn:
  • How Ontraport keeps your data safe
  • The importance of PCI compliance and how it benefits your business
  • Simple tips for keeping your customers’ info secure
Course Instructor
Mattew Bixby
Related resources
Comments
settings
settings
settings
settings
[Block//Author//First Name] [Block//Author//Last Name] on [Block//Date Added %F j, Y g:i a%+0d0h0m]
[Block//Comment]
Transcript
As a Level 1 PCI Certified service provider, Ontraport can store your customers’ credit card data for you. That allows you to run subscriptions, payment plans and manually charge your customers’ cards anytime you need to, safely and securely.

But because Ontraport is storing this sensitive data for you, there are a few things you should know about how security around this stuff works. So, I’ll give you a quick run-down of storing credit card information and PCI compliance.

I won’t get into the fine print of Payment Card Industry (PCI) compliance because, frankly, I’m not a lawyer and I’m not here to give you legal advice. But it is helpful to know the basics of PCI standards and what Ontraport does to keep you compliant.

So, here’s the bottom line. If you accept credit cards, your business needs to be PCI compliant. 

PCI is a bunch of security rules set by the credit card industry. No one really ever comes around and checks whether you’re compliant with them… until you have a security breach. If your business becomes the source of lost credit card data, all of a sudden everyone wants to know exactly how compliant you were. And, if the answer isn’t ‘100% compliant’ then you could end up liable for the cost of whatever fraud occurred with those lost cards.

And that can get really, really expensive, real fast. Like, “put you out of business” expensive.

We don’t want that, so this is something to pay a bit of attention to.

Now here’s the good news: compliance CAN be really easy for online businesses. Because the easiest way to be compliant is to never see or handle credit card data. 

For online businesses, this is often pretty easy. People order online, their card data is stored in Ontraport, and you can’t see it.

In fact, this is exactly why we only show you the last 4 digits of your client’s credit cards… because if you could see the whole card number, you’d suddenly be what they call ‘in scope’ for all the detailed compliance rules. Since you can’t see the number, you’re ‘out of scope,’ which is a good thing.

Things get a bit hairier when you start accepting credit cards over the phone or in person, and frankly those situations are beyond what we’re going to discuss today.

What I CAN tell you is that to the extent you can avoid ever seeing or knowing your customer’s credit card data, you are keeping your business in a much lower risk position with respect to PCI and credit card fraud liability. 

So, consider creating online order forms instead of taking credit card data over the phone. And, please.. If you do take payments over the phone or in person, don’t ever have people writing down credit card information on paper like the old days. That’s just asking for trouble.

The good thing about Ontraport is that once their credit card is in the system, you can run charges against it anytime you need to. So, you can still take orders over the phone without worrying about PCI if you’re running the charge against the card that’s already on file.

If you do take cards in person or over the phone, we recommend that you research your liability with respect to PCI rules, because if the stuff ever does hit the fan, you’ll want to have your house in order.

Ok, that’s it for PCI!
About Ontraport
Partners & Integrations
Resources
Getting Started

Turn your business on with Ontraport.

[bot_catcher]