On Wed, Apr 10, 2013 at 3:22 PM, sparky <[email protected]> wrote: > @ke1g thats a very sweeping generalisation. > > personally, we are PCI DSS level 2 compliant, have scans and all data is > transmitted using SSL. we are resellers > we also NEVER store card details EVER only transmit! I'm a newbie to > Django but have implemented > sagepay on 3 other languages on sites which takes thousands a day over the > last 5 years (when it was Protx) > > have you ever used sagepay? you don't need to store card details they also > offer VSP form and server. >
If the info passes through RAM on your server, and somebody roots it, they can capture the information. If I redirect the user to Authorize.net to collect the CC info, then I can feel relatively safe deploying to the cloud, or wherever most folks tempted to use these tools are going to deploy. -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/django-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.

