I'm not sure I totally understand the PCI compliance stuff. My question is this:
I'd like to set up a WordPress site and use WooCommerce. In terms of payment processors, I'd like to use either Authorize.net CIM or Stripe. At the top of each of those pages, it says that an SSL certificate is required, so based on that fact and the PCI-DSS Compliance article on the WooCommerce site, I assumed that PCI Compliance would be necessary. Is that correct?
If I do need to worry about PCI Compliance, what does that mean I need to do? I'm familiar with the 12 requirements, I just don't understand the practical implications for me.
Specifically, I understand that many of the PCI requirements are covered by the hosting provider. Other PCI requirements are covered by the coding. Both of those things I don't have to really worry about, once it's set up. One thing I know I'll need to do, though, is enable SSL on the site. Is there anything else I am responsible to do, though? For example, annually get my site scanned for PCI Compliance? Manage my store in a particular way?
Any info is more than welcome! Things are a bit vague for me regarding this and PCI Compliance.