I had never heard of PA-DSS until I bumped into this blog post -
http://www.merchantaccountblog.com/735/pa-dss-and-you-thought-pci-was-a-mess Its scary beast that has the potential to rip the heart out of open source e-commerce if the credit card companies come down hard requiring this. If you use the ecommerce app I would have a good read of this. Sam |
WOW - thanks for sending that along Sam.
Cheers, Tim -- Tim Ruppert HotWax Media http://www.hotwaxmedia.com o:801.649.6594 f:801.649.6595 ----- "Sam Hamilton" <[hidden email]> wrote: > I had never heard of PA-DSS until I bumped into this blog post - > http://www.merchantaccountblog.com/735/pa-dss-and-you-thought-pci-was-a-mess > Its scary beast that has the potential to rip the heart out of open > source e-commerce if the credit card companies come down hard > requiring > this. > If you use the ecommerce app I would have a good read of this. > > Sam |
Administrator
|
In reply to this post by samhamilton
Indeed!
Thanks Sam Jacques From: "Sam Hamilton" <[hidden email]> >I had never heard of PA-DSS until I bumped into this blog post - > http://www.merchantaccountblog.com/735/pa-dss-and-you-thought-pci-was-a-mess > Its scary beast that has the potential to rip the heart out of open > source e-commerce if the credit card companies come down hard requiring > this. > If you use the ecommerce app I would have a good read of this. > > Sam > |
In reply to this post by samhamilton
This also means that gateways like pay pro, authorizenet, Paypal gateway
and others will not be valid, since the software the uses them must be certified. The will give a big boost to Google checkout and PayPal (IPN), since they do the processing of the CC and not CC information is returned. Sam Hamilton sent the following on 5/24/2009 5:04 AM: > I had never heard of PA-DSS until I bumped into this blog post - > http://www.merchantaccountblog.com/735/pa-dss-and-you-thought-pci-was-a-mess > > Its scary beast that has the potential to rip the heart out of open > source e-commerce if the credit card companies come down hard requiring > this. > If you use the ecommerce app I would have a good read of this. > > Sam > > -- BJ Freeman http://www.businessesnetwork.com/automation http://bjfreeman.elance.com http://www.linkedin.com/profile?viewProfile=&key=1237480&locale=en_US&trk=tab_pro Systems Integrator. |
In reply to this post by samhamilton
Yeah, that sort of thing is concerning. Hopefully they'll have requirements that scale with the size of the company like the do for PCI. If not then it means for things like OFBiz that it will be more expensive when it is possible, and that smaller services companies will have a hard time competing, which would be a real shame. On the other hand, it would open up a market for those who do these, and perhaps if they specialize in doing these audits for a particular software package they can get the price down from these astronomical highs. I haven't looked into what other CC companies are doing about, but maybe this will be a big break for cards that are not either "Visa" or "MasterCard"... ;) Wouldn't that be funny, online shops that only take AmEx and Discover instead of usually not accepting those. Realistically, as was mentioned, it would probably mean more companies using external payment processing like PayPal, Google Checkout, etc, etc. With PCI stuff getting more teeth lately I've even heard from a few moderately sized shops that are going in this direction (ie no local CC storage whatsoever). -David On May 24, 2009, at 6:04 AM, Sam Hamilton wrote: > I had never heard of PA-DSS until I bumped into this blog post - http://www.merchantaccountblog.com/735/pa-dss-and-you-thought-pci-was-a-mess > Its scary beast that has the potential to rip the heart out of open > source e-commerce if the credit card companies come down hard > requiring this. > If you use the ecommerce app I would have a good read of this. > > Sam > |
Free forum by Nabble | Edit this page |