[web2py] Re: web2py, stripe, and pci compliance

2013-01-14 Thread howesc
I did some reading on PCI compliance and it's a quagmire! There are multiple levels of PCI requirements depending on what you do with the data. As best I can tell (without being an expert), a JavaScript-only solution that posts directly to swipe and one where you post data to your server and

[web2py] Re: web2py, stripe, and pci compliance

2013-01-14 Thread Massimo Di Pierro
I studied the PCI specs when I taught a security class years ago. Things may have changed. I too remember that the major issue with PCI compliance was securing the server (keeping everything updated, applying security patches, running latest antivirus and intrusion detection software) and

[web2py] Re: web2py, stripe, and pci compliance

2013-01-14 Thread Derek
If your application handles credit card information, it must be audited for compliance. So it may or may not be compliant; an audit will determine that. What most companies do is avoid the audit by not handling credit card information. If you use authorize.net (as an example) you can use the

[web2py] Re: web2py, stripe, and pci compliance

2013-01-14 Thread Derek
Also note for stripe... https://stripe.com/us/help/faq#pci-compliance Anyone accepting credit card payments must be PCI compliant—but with Stripe, it's easy: - Serve your payment page over SSL https://stripe.com/help/ssl, i.e., the page's web address should begin with https, not

[web2py] Re: web2py, stripe, and pci compliance

2013-01-13 Thread Massimo Di Pierro
I do not know if it is PCI compliant. The provided code requires that your application handles (although not stores) credit card info.
Massimo
On Sunday, 13 January 2013 12:16:44 UTC-6, Ragtime AllTime wrote:
> Hello all, I'm looking into using stripe.com as a payment processor for web2py.