Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

PCI DSS, credit card

Guest

By Guest
in Other

 Share

Recommended Posts

Guest

Guest

Posted
Posted

Ok, I am not really knowledged about this stuff, so I am hoping I can get some help here.

I have a webstore that waits to be opened, all that is missing is payment option.

My coworker had a meeting with the bank today, and the cardmachine will be in our hands within the end of the week.

Now I just have to figure out how I manage to let people plot in their credit card info to pay at our website so I can make the payment manually.

I have read something about PCI DSS, is that something I need to get? If so, from where?

And what module do I need to put on the website?

 

If someone could take a bit of time to explain me how I do it to manage with the payment, I would greatly appreciate it!

Guest

Guest

Posted
Posted

This post explains it all - in summary unless you are PCI compliant you may not store any credit card information on your site (and to be compliant you will need a dedicated server and to go through security scans etc etc)

 

Have you bank given you permission to process internet orders on a manual machine - you'll find that this is in violation of most merchant contracts.

Guest

Guest

Posted
Posted

Replying to you PM in public for the benefit of others:

Hello and thank you for your reply.

As I mentioned in the post, I am quite clueless about this stuff, but I need to figure out how it works.

Not sure if I misunderstood, but what you are saying is that I cannot at all transfer money by using our card machine in the shop with information provided by a client online?

Or is there a way to do it if I am registered with the PCI DSS?

 

I am not even sure what to ask, as I do not understand the nature of this at this point... Been surfing this forum here, but I basically see the same questions with the same answers, but no solution...

 

Really appreciate if you could help me out a little bit smile.gif

 

Thanks

 

It's complex but the basics are that:

- unless you are fully PCI compliant you cannot store any card details.

- Orders placed online carry a different level of fraud risk to telephone/mail orders and again to "in person" transaction, because of this the banks require the transactions the be flagged accordingly and thus online transactions are not normally permitted to be processed on a manual card machine.

- Processing on a manual machine means that customers won't be able to use Verified by visa / mastercard securecode. This new system reduced fraud and shifts liability from you to the bank if fraud does happen

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...