Many APIs start out serving content. But if you eventually want to transact with your API and take credit card orders - you need to understand the implications of PCI DSS compliance.
PCI is a set of requirements that protects your customers and your business from the release of sensitive credit card information. You don't buy technology to that makes you PCI compliant. Instead, PCI is a process and checklist of standards that those accepting credit card data must adhere to (more on this here). But it's important that the technology you use support and maintain your PCI compliance process.
Earlier this week we announced our Apigee Enterprise Cloud PCI - for companies that want to transact with their API, yet take advantage of the cloud for their API management and infrastructure.
On July 16 2011, we'll host a live webinar on the topic of PCI and considerations foryour API. We'll also be writing a bit more on this topic over the next few days.
Have a great holiday.