Re: [Snowdrift-discuss] PCI compliance

2017-07-10 Thread Bryan Richter
On Tue, Jul 11, 2017 at 01:42:34AM +0300, fr33domlover wrote: > On Mon, 10 Jul 2017 14:18:53 -0700 Aaron Wolf wrote: > > > The real long-term solution is what CrowdSupply does: They accept > > the financial details on their front-end using only free software > > and then have the server send the in

Re: [Snowdrift-discuss] PCI compliance

2017-07-10 Thread fr33domlover
On Mon, 10 Jul 2017 14:18:53 -0700 Aaron Wolf wrote: > The real long-term solution is what CrowdSupply does: They accept the > financial details on their front-end using only free software and then > have the server send the information to Stripe using Stripe's API and > without *ever* storing th

Re: [Snowdrift-discuss] PCI compliance

2017-07-10 Thread Stephen Paul Weber
In the normal case, PCI compliance isn't too bad. You have to use TLS (duh) and make sure you never store credit card info (not even in logs or swap) and that's pretty much it.

Re: [Snowdrift-discuss] PCI compliance

2017-07-10 Thread Curtis Gagliardi
I may be misunderstanding but if it's significant effort it makes a lot of sense to me to go without it until ready to switch off Stripe's JS. On mobile and haven't looked at the guide yet. On Mon, Jul 10, 2017, at 02:18 PM, Aaron Wolf wrote: > On 07/10/2017 01:53 PM, fr33domlover wrote: > > Hello

Re: [Snowdrift-discuss] PCI compliance

2017-07-10 Thread Aaron Wolf
On 07/10/2017 01:53 PM, fr33domlover wrote: > Hello everyone, > > > I found a nice website with human readable info about PCI compliance: > > > > I'm bringing this up especially because right now Snowdrift is using Stripe's > proprietary JS, wh

[Snowdrift-discuss] PCI compliance

2017-07-10 Thread fr33domlover
Hello everyone, I found a nice website with human readable info about PCI compliance: I'm bringing this up especially because right now Snowdrift is using Stripe's proprietary JS, which will surely raise eyebrows sooner or later, and regardless