[ic] Transparent Redirect for IC
dan at berganconsulting.com
Fri Mar 15 15:52:06 UTC 2013
On Fri, Mar 15, 2013 at 8:49 AM, Paul Jordan <paul at gishnetwork.com> wrote:
> > Is anyone interested in helping put together a generic or Braintree
> > Transparent Redirect payment module for IC? The basic idea with
> > Transparent Redirect is to post your credit card form directly to the
> > processor who then transparently redirects the user back to your site.
> > means you don't have to deal with PCI Compliance at all. I don't know of
> > downside to this.
> If the customer is typing their sensitive info on your page that is on your
> server and under your control, you still need to be PCI compliant. Imagine
> if a hacker gets into your system and tinkers with your "credit card form"
> to sleuth the info for themselves *and also* post it to your processor so
> that no one is the wiser.
> If anything, it makes PCI compliance simpler - because you need to worry
> about fewer critical code points.
> Even forwarding to a payment page on a gateway does not eliminate PCI
> compliance - the assumption being that your users are in fact being
> forwarded in the way you originally prepared things, and is not being
> molested inbetweenst.
> If you are a merchant, you need to attest to PCI compliance and scan your
> kit - period.
So, if I only use PayPal for my payment processing, I would still be
required to show that my site is PCI Compliant?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the interchange-users