Announcement

**RuralWeb** · 16-Apr-2008, 05:32 PM

If you do a search you will find a HUGE thread on the subject of compliance and Barclays

**Shirley Beech** · 16-Apr-2008, 09:42 PM

Mal,

Many thanks for trying to help. I had realised this, but feel that many users are not using an electronic PDQ to charge for orders, but are using a PSP. We had a shop for 13 years and continued using this method when we became an e-commerce site.

Surely there must be some hosts out there, who are PCI Compliance compatible without resorting to PSP payments.

Shirley

**leehack** · 16-Apr-2008, 09:50 PM

I think you may have missed the whole basis of PCI. If you do not use a PSP, where are the card details held and how it is compliant, given that actinic software does not meet the guidelines? Spend your time investigating which PSP to use, cos sure as damn it, a PSP is one thing you will have to do. Actinic payments launches soon, take a look into it, sounds perfect for you.

**RuralWeb** · 16-Apr-2008, 09:56 PM

Jo at pinbrook has compliant hosting but as lee says checkout all the options first as a psp such as the new actinic system is the way to go. Downloading card details will soon be a big no no.

**pinbrook** · 16-Apr-2008, 10:23 PM

We aren't offering compliant PCI hosting on shared servers as it is simply not possible to do so. We could get compliance and then someone uploads a dodgy script and POP goes our compliance for 3 months.

We only offer PCI compliant hosting on dedicated servers.

**Shirley Beech** · 17-Apr-2008, 07:09 AM

Originally posted by leehack

I think you may have missed the whole basis of PCI. If you do not use a PSP, where are the card details held and how it is compliant, given that actinic software does not meet the guidelines? Spend your time investigating which PSP to use, cos sure as damn it, a PSP is one thing you will have to do. Actinic payments launches soon, take a look into it, sounds perfect for you.

Leehack,

I had given our name for information on the Actinic payments which is launching soon, and am waiting for info.

I just wish it was possible to continue the way we are going with a Host who is PCI compliant. It would be so much easier, as if we find we are out of stock, and the item no longer available from our supplier, then we have to issue a credit with a PSP, whereas now we only have to credit on an occasional basis, because we do not charge normally until the items are despatched.

In my innocence I thought that the extra expense we paid for a "secure padlock" gave extra security also, but I am now wondering if this mean nothing with the PCI Compliance thing.

Regards

Shirley

**Shirley Beech** · 17-Apr-2008, 07:10 AM

Originally posted by RuralWeb

Jo at pinbrook has compliant hosting but as lee says checkout all the options first as a psp such as the new actinic system is the way to go. Downloading card details will soon be a big no no.

Mal,

Thanks. Hopefully my nightmares will come to an end when Actinic sort it. However, am I correct in wondering if I will have to update from v7 to make it possible.

Regards

Shirley

**Shirley Beech** · 17-Apr-2008, 07:12 AM

Originally posted by pinbrook

We aren't offering compliant PCI hosting on shared servers as it is simply not possible to do so. We could get compliance and then someone uploads a dodgy script and POP goes our compliance for 3 months.

We only offer PCI compliant hosting on dedicated servers.

Jo,

Thanks for your comment. I had intended getting in touch with you to see if you were complaint for our needs. It would appear however that one has to buy a server, and I am not that clever to handle that as well. If I am wrong do please let me know.

Regards

Shirley

**RuralWeb** · 17-Apr-2008, 07:36 AM

yes you will need to upgrade to v9 for the new payments system but it will mean you don't need a dedicated server so it may be cheaper in the long run to upgrade. If you have cover then the upgrade is free but even if you don't then upggrading is the way ahead as v7 is very old now and with v9 you will soon make your money back in increased sales.

**leehack** · 17-Apr-2008, 07:45 AM

Originally posted by Shirley Beech

I just wish it was possible to continue the way we are going with a Host who is PCI compliant. It would be so much easier, as if we find we are out of stock, and the item no longer available from our supplier, then we have to issue a credit with a PSP, whereas now we only have to credit on an occasional basis, because we do not charge normally until the items are despatched.

I still think you have the wrong angle of looking at this, it's about your payment processing more than your hosting. UNcompliant hosting + compliant PSP is fine. You have the option for pre-auth with PSPs, I think this is going to become the law to use in the future, so you are only taking money when shipping the products.

The days of your own padlock and downloading orders onto your PC to process manually are finished and rightly so. 50% of site owners can still not grasp taking a snapshot each day and storing it safely, how on earth can we put these people in charge of 1000's of credit card details? More important than that, if their system gets robbed, they present a thief with 1000's of card numbers and addresses AND they have no backup records of the sales most of the time.

Some Actinic users are seriously walking a tight rope, the quicker they are forced to protect things properly, the better. There is a big case with a huge compensation claim just waiting around the corner for someone at the moment, once it happens, everyone will run round like headless chickens getting a PSP.

**Shirley Beech** · 17-Apr-2008, 08:19 AM

Originally posted by RuralWeb

yes you will need to upgrade to v9 for the new payments system but it will mean you don't need a dedicated server so it may be cheaper in the long run to upgrade. If you have cover then the upgrade is free but even if you don't then upggrading is the way ahead as v7 is very old now and with v9 you will soon make your money back in increased sales.

Lee,

Thanks for that advice. Is it possible then that with Actinic Payments we will be able to take back orders and charge when the goods are despatched, rather that the Payment company taking all the money when the order is originally placed?

Regards

Shirley

**leehack** · 17-Apr-2008, 08:27 AM

I believe so Shirley yes, but i am somewhat in the dark on it also. Croccy knows more about it than me, i just wish it was launched and ready to use, there has been enough hype and talk about it, let us bloody see it now!

I think AP is the most excitement we've had since V8 was launched, it's a sad world in web design, or maybe it's just me who is sad.

**Shirley Beech** · 17-Apr-2008, 08:37 AM

Originally posted by leehack

I believe so Shirley yes, but i am somewhat in the dark on it also. Croccy knows more about it than me, i just wish it was launched and ready to use, there has been enough hype and talk about it, let us bloody see it now!

I think AP is the most excitement we've had since V8 was launched, it's a sad world in web design, or maybe it's just me who is sad.

Lee,

Let us hope so, we could have "Self Certified" but decided to go the correct route, and what a minefield it has turned out to be.

Sorry don't know what "AP" stands for. Do hope it all works out eventually, sincere thanks for your help and support. When you read other forum messages, it is good to know we are not the only ones who has been having problems with it.

Regards

Shirley

**leehack** · 17-Apr-2008, 08:39 AM

AP = Actinic Payments. It has been a minefield and many of us are hoping that the Actinic helicopter lifts us out shortly, we can only walk round for so long before we lose a leg.

Announcement

PCI Compliance + Barclaycard PDQ + v7

PCI Compliance + Barclaycard PDQ + v7

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment