PCI DSS compliance is compulsory if you handle any type of payment card.
You can become PCI DSS compliant in one of two ways. Either you obtain compliance yourself, or you make sure your customers and your own staff enter card details only into sites and systems supplied by a third party that is itself PCI DSS compliant.
If your buyer enters their payment details into a page on your web site, which then passes them to a PCI DSS compliant PSP, your web site must still be fully PCI DSS compliant, as you are collecting the card details and passing them on. This is because any compromise of your web site would allow a rogue third party to acquire the card details.
For more information on how to become compliant yourself, see the official body responsible for PCI DSS at https://www.pcisecuritystandards.org/.