I'm still a little fuzzy on how to become PCI Compliant.
Does this sound right?:
1. I build my website
2. I get my website hosted
3. I call up some PCI-Compliance company and tell them I want my site to be PCI Compliant
4. The company analyzes my website's code, and analyzes my hosting situation
5. They give me a "thumbs up" or a "thumbs down" (in which case they tell me what I need to change to get a "thumbs up".
Thanks