In another thread, I mentioned that Trustwave told me I could not take credit cards (even though I am using authorize.net to process them) through my website on rackspace because they were not pci compliant. The problem is this - I have about 5 other websites that are taking credit cards but apparently not pci compliant, but trustwave hasn’t said anything about them. Why is this? Should I be nervous, or wait for trustwave to contact me about the others? I’m so in the dark here folks - I was always told that as long as I don’t store the cc info, and directly send it securely to authorize.net I would be fine. Help!!!
It could be that they have just not scanned your other 5 websites yet and when they do they will be deemed not complaint as well.
When you do the pci compliance check they ask you about how you take credit cards, ie your role etc you might have chosen the wrong role for the site where you are getting the non compliance. For instance the rules are more strict if you store the credit cards etc then if you do not.