PCI DSS Compliance - Post ID 201570

Ambassador
580 posts

All businesses accepting card payments need to meet the Payment Card Industry Data Security Standard (PCI DSS). Being PCI DSS compliant reduces the risk of your customers' card data getting into the wrong hands.

I was asked to assist with this the other day; my client had been told by Streamline that they had to do it and suggested using Trustwave.

First had to fill in the self-assessment questionnaire (SAQ), which goes on for pages, then scan the store. This threw up various faults which in fact were false positives. So the certificate was granted.

The process was quite complex and my client could not cope with it, so not only are you going to have to pay for the certificate, you are probably going to have to get someone to complete it for you.

Anyone else have any experience of this?

Keith

Senior Advisor
10,951 posts

Nope... suggestion:
Use CoffeeCup's Shopping Cart Creators, as they don't need to mess with this. This way PayPal or the other payment processing sites have to do all this because they are the ones accepting the credit cards, not the shop using SCC programs :)

Ambassador
580 posts

Jo Ann

I have done carts with CMS and MySQL database; can you tell me how SCC works?

Keith

Senior Advisor
10,951 posts

SCC carts work by sending the order to PayPal. This means no customer information (credit card stuff for the most part) is stored anywhere within the shopping cart itself. When you get your orders from your customers, they come from PayPal. You may get an acknowledgement from the cart, but it's not stored anywhere; it's just spitting out what they filled out, just the same as any other form.

This means that using the SCC programs, you don't have to worry about the compliance because you're not dealing with customer payment information. That information is collected via the payment processing systems you have the cart set up with, such as PayPal, Google, etc. Those sites are the ones that have to worry about the compliance then, and that saves you and your clients headaches and frustration having to mess with it. :)

Ambassador
580 posts

Tried SCC trial and had store up on localhost in not more than 5 minutes. Surprised how easy it was to get started. So purchased this version but SCCP will probably be better for what we need.

Doing this for a client who cannot cope with CMS store.

Keith

Ambassador
1,611 posts

Hi Keith, even with a CMS setup you could still use an encrypted PayPal button; all transactions are handled by PayPal.
The Guy from OZ


Ambassador
580 posts

Thanks Prism, but they prefer to take credit cards direct; however, PayPal may be a better route.

Keith

Registered User
2,156 posts

I have been using SCCP with PayPal since about a month after CC put it out for purchase.

I had tried loads of other cart systems: CubeCart, osCommerce, Magento.

This is so much easier than anything else I tried.

More to the point, sales speak for themselves; it's been very successful.

One thing though: SCCP is far easier to manipulate SEO, when you want to force Google results.

Try a search for silver masonic rings; chances are you will see this in a result: "Sterling silver masonic signet rings from £29.99 UK made." I edited in SCCP what Google found to get this result in time for Christmas trade.

Started using CC VSD in January 2009, I don't do HTML code, Sales from CC site exceeding expectations taken me out of semi-retirement
Hosted FREE on CC S DRIVE www.chauffeurdrivenluxurycars.co.uk
My new VSD & SCCP site Oct 2011 www.deloreanjewellery.co.uk
My friendly window cleaner www.mwcwindowcleaner.co.uk

Ambassador
580 posts

Viv

Thanks, that is helpful; on Google search you are number 4. We are in fact using CubeCart.

Also saw your post about paying straight into bank.

What do you think about PayPal fees?

Keith
