Payment Gateways are a nice alternative to processing credit cards yourself. Well, as nice as it gets...
Other then that, it's not me that is being "absolutist", but rather seeing this from a company perspective. "Nobody has ever claimed that PCI makes you secure." Interesting statement. Why's the need for PCI then? (don't bother with an answer) "It is a minimal standard which experience has shown most companies need spelled out for them." Exactly. So where was the security again? On Sat, Apr 24, 2010 at 12:56 AM, BMF <[email protected]> wrote: > On Fri, Apr 23, 2010 at 3:33 PM, Christian Sciberras <[email protected]> > wrote: > > 4) I've looked into whether it was into our best interest to use PCI. (it > > was decided that it wasn't worth the trouble) > > At that time, I knew about PCI but not its details, at which point we got > > someone to explain in detail for us. > > This right here screams "bullshitter". It isn't as if you get to > decide if you want to use PCI or not. If you process credit cards with > the major card brands you are going to do PCI either now or > eventually. There is no other security standard which you can choose. > You also show signs of being a victim of absolutism. Nobody has ever > claimed that PCI makes you secure. It is a minimal standard which > experience has shown most companies need spelled out for them. There > is much more than just the things spelled out by PCI that need to be > done. As usual in these situations, your real complaint isn't about > PCI but about the people who just don't get the point. >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
