On Wed, Apr 10, 2013 at 3:22 PM, sparky <[email protected]> wrote:

> @ke1g thats a very sweeping generalisation.
>
> personally, we are PCI DSS level 2 compliant, have scans and all data is
> transmitted using SSL. we are resellers
> we also NEVER store card details EVER only transmit! I'm a newbie to
> Django but have implemented
> sagepay on 3 other languages on sites which takes thousands a day over the
> last 5 years (when it was Protx)
>
> have you ever used sagepay? you don't need to store card details they also
> offer VSP form and server.
>

If the info passes through RAM on your server, and somebody roots it, they
can capture the information.  If I redirect the user to Authorize.net to
collect the CC info, then I can feel relatively safe deploying to the
cloud, or wherever most folks tempted to use these tools are going to
deploy.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.


Reply via email to