On Tue, Jun 9, 2009 at 10:12 AM, Joe Pruett<[email protected]> wrote: >> Braintree goes further by letting you avoid even the PCI >> Self-Assessment Questionnaire (SAQ) with their transparent redirect >> service. While you still serve the shopping card page, the form posts >> directly to Braintree, then you receive a token back (without ever >> seeing/transiting the card number). >> http://braintreepaymentsolutions.com/pci-dss-compliance > > thank you for posting this. i had been going around and around with > authorize.net trying to figure out why they didn't provide this option and > then couldn't find anyone else that did either. total outsourcing like > this is the only thing that is going to make sense for the smaller > business as the pci compliance hammer comes down on our heads over the > coming years.
My pleasure. I looked for it too, and while canceling our otherwise-excellent PaySimple service, emailed their CEO explaining why I was leaving: no PCI bypass, and no support for ActiveMerchant (a client-initiated recurring billing API for Ruby on Rails). Braintree's token+bypass is where the industry is going. Troy -- Seven Scale, creators of Cloudvox and Open Syslog call your code - API-driven phone calls - cloudvox.com _______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
