Announcement

Collapse
No announcement yet.

PCIDSS - Wishlist feature??

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    PCIDSS - Wishlist feature??

    PCIDSS standards state under no circumstances store the CVV code of a card... any chance of an option within Actinic to nuke out the CVV code of all completed orders, and any other details necessary to comply with PCIDSS??

    See https://www.pcisecuritystandards.org...i_dss_v1-1.pdf

    Other than that, does Actinic comply with rest of PCIDSS standards with regards transmission and encryption of data?
    Cheers!
    Marci - <a href="http://www.Over-Clock.co.uk" target="_blank">www.Over-Clock.co.uk</a>
    Tags: None
    #2
    here you are

    http://www.actinic.co.uk/pci-dss.htm

    Essentially if you use PSP you are ok as CC detail is not broadcast

    peeps who manually process will have to find PCI compliant hosting and get their internal systems approved too.

    doesn't V8 have a virtual cc shredder?

    Comment

      #3
      Ta fer the linkage...!

      peeps who manually process will have to find PCI compliant hosting and get their internal systems approved too.
      We use shared-ssl then manually process thru PDQ for CC and Debit transactions, and PayPal so folks can... well, pay with paypal accounts... everything here locked down as per guidelines... firewalled, passworded multiple times on any machine with access to orders (bios, windows, Actinic itself) all different (strong) passwords.

      doesn't V8 have a virtual cc shredder?
      If it does, I'm not aware... not spotted it... there's an "encrypt existing credit card data" option greyed out under Housekeeping, but that's all I can spot - assume thats a Business and above feature...
      Cheers!
      Marci - <a href="http://www.Over-Clock.co.uk" target="_blank">www.Over-Clock.co.uk</a>

      Comment

        #4
        everything here locked down as per guidelines
        since you are using SSL you will need pci compliant hosting to ensure security of the cc data on the server and during passage to your pc.

        this is not covered by actinic

        Comment

          #5
          If I'm reading the Actinic document properly, my understanding is that the software itself is compliant, so long as encryption has been enabled. Is this correct?
          Cheers

          David
          Located in Edinburgh UK
          http://twitter.com/mcfinster

          Comment

            #6
            Not necessarily....there isn't anything in the statement to say the software is compliant on its own. The statement only says when using a PSP can a merchant be considered compliant, this is because actinic software does not hold/store/process any CC data.

            If you are manually processing CC, then you have to rely on actinic's encryption etc - this has not yet got compliancy AFAIK.

            If you are manually processing you also need your host to be compliant as this is where the CC data is stored, for a host to offer compliancy they can only run compliant software on the server.

            The deadline for compliancy in the UK has now been extended to next summer

            Comment

              #7
              So before we even consider the other implecations of this we really need a statement from Actinic on if/when it will be compliant! Hopefully they will read this thread!
              Cheers

              David
              Located in Edinburgh UK
              http://twitter.com/mcfinster

              Comment

                #8
                doesn't V8 have a virtual cc shredder?
                I started a wish list for one ages ago - didnt jan produce one?

                Comment

                  #9
                  Originally posted by RuralWeb
                  I started a wish list for one ages ago - didnt jan produce one?
                  Yes it's in one-stop order processing, press a little button and it's all zapped

                  One of my favourite buttons, means the money is in
                  Miranda Stamp
                  Twinkle Twinkle
                  www.twinkleontheweb.co.uk
                  Cloth nappies, natural toiletries, organic baby clothing, potty training aids, slings and more...

                  Comment

                  Previous template Next
                  Working...
                  X