Merchant accounts like Authorize.net are now requiring customers to become PCI compliant for e-commerce. Even if you are using event registration software like Event Espresso for WordPress, you will be required to go through this process.
My advice - use a HOSTED checkout .....
There are really only 2 ways to become PCI compliant. Here are the rundowns of each.
A hosted checkout like Authorize.net SIM or PayPal Standard. The customer
goes outside of the website to submit their information, then gets
returned to the website. This method is the most cost effective. It
allows you to keep the cheaper hosting and not pay for services like
Here is a picture that explains it.
hosting to a Virtual Private Server or Dedicated host which is severe
overkill for the online business you are running. Generally it costs
between $50-$75+ for a VPS and even more for a Dedicated server. Along
with the different server, we would need to purchase and install a
wildcard SSL certificate for all services (email, FTP, etc.), around $100.
Then, once all of that is completed, we run security metrics scans (these take 12ish hours), review the issues, and work with the hosting support team to complete the changes. Generally there are several rounds of back and forth until it's compliant. The PCI compliance scan rules do change occasionally to keep up with software updates and security holes.
As you can see, option 2 becomes expensive quickly, so I wanted you to be able to make an informed decision.
The question really becomes how much does hosted checkout bother you and your customers?
And are we selling enough to make this worthwhile?
Of course, all of this is for the website; if you process and store credit cards in-house, you will need to be PCI compliant there as well.