On Sat, Mar 5, 2011 at 8:37 PM, Paul Saenz <forensicneoph...@gmail.com>wrote:
> Yes, I am aware of all those requirements. Because of the way it is > set up, AWS provides compliance for many of those factors, and they > have several AMIs that meet the requirements of PCI DDS compliance in > their respective factors. Of course SSL gateways and no remote access > are some of the things that the administrator will have to implement. > As I have been looking over the requirements of PCI DDS compliance, I > just thought I'd ask the group if anyone has good information or > documentation about how to program a shopping cart that will be > compliant in PHP. So letting alone all the other factors that apply, > I'm just asking about that which applies to php. > > I know of a company that provides a PHP shopping cart that is PCI DDS > compliant for $500+ depending on how many items are being sold, and > they give a training course on how to deploy and configure it for > $2500. If I go that route, then I am free to sell that shopping cart > to anyone I desire. Nevertheless, it seems to me that it may be worth > my while to learn how to program and configure one myself. > > You might want to start by knowing what the nomenclature stands for. You keep repeating the PCI DDS acronym without knowing what it means. PCI - Payment Card Industry DSS - Data Security Standards There is no DDS in this, the same way that there's no HIPPA. On another note, there's a reason why there's no free open source PHP shopping cart. When you get to develop one that's PCI-DSS compliant, you'll know what I mean. If you really want to get into this, the PCI-DSS standards are well described on the official website, https://www.pcisecuritystandards.org and it's no generic information. Once you get familiar with the requirements, (please download the PDFs) and develop a fully compliant free open source PHP shopping cart, please do post here and we'll be glad to spread the word. -- Dante
_______________________________________________ LinuxUsers mailing list LinuxUsers@socallinux.org http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers
