[BNM] PCI Compliance

AndrewGill73@gmail.com andrewgill73 at gmail.com
Tue Jun 24 10:01:06 BST 2008 

I was talking with ProTx support (a payment gateway) about this yesterday.
It was news to me.

They recommend trustwave TrustKeeper tool (
https://www.trustwave.com/merchants.php). I'm interested to know if PCI
compliance is a "must have" or whether Merchants can get away without it?

ProTx implied that some banks would not supply new merchant accounts to
customers without PCI compliance... eek!

Andy

On Mon, Jun 23, 2008 at 9:01 PM, Nick Wilsdon <n.wilsdon at e3internet.com>
wrote:

> >Why do you need PCIc if the details are handled by the gateway?
>
> Hi Tom,
>
> We had this discussion on the UK-NM list and one member actually found
> someone with a clue at the back - they confirmed that PCI *was* needed
> unless you carry out the entire transaction on the gateway site. This is
> because the details can be intercepted on your server before they are sent
> to the gateway.
>
> Compliance for this is much less than if you were storing the cards etc.
>
> RE: Shared servers
>
> Yep, you can get PCI for sites on shared servers. PCI certificates are
> given
> out for the site not for the server, and charged that way too. If you run a
> shared server you can get a reduced rate for running several sites through
> at the same time - so not a bad idea to get a few people on the box to do
> the test at the same time.
>
> Other notes here, but this is a bit old now - got some links for providers
> though.
>
> http://nickwilsdon.com/get-your-e-commerce-pci-compliant-or-face-fines/
>
> But, not heard of any prosecutions or enforcement Tom. Will be a mad panic
> once that happens though, I doubt a fraction of UK businesses are
> compliant.
>
> I was doing some research for a post and came across this site - they seem
> to be offering a free PCI scan. Might be worth checking out.
> https://www.controlscan.com/pci123trial.php
>
> --
> Best Regards
>
> Nick Wilsdon
>
> e3internet
> http://www.e3internet.com
>
> Skype: Nick_Wilsdon
> Tel: +7 4932 346314
> Blog: http://nickwilsdon.com
> --
>
> BNM Subscribe/Unsubscribe:
> http://www.brightonnewmedia.org/options/bnmlist
>
>
> dConstruct tickets on sale from 11am, 24 June -
> http://2008.dconstruct.org/
>
> BNM powered by Wessex Networks:
> http://www.wessexnetworks.com
>



-- 

Kind regards,

Andrew Gill
07880 730096

More information about the BNMlist mailing list. Powered by Wessex Networks