Announcement

Collapse
No announcement yet.

Integrating Sage Pay VSP Direct into Actinic

Collapse
X
Collapse
 
  • Page of 2
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 template Next
    #1

    Integrating Sage Pay VSP Direct into Actinic

    Can someone please point me in the right direction of some information about integrating Sage Pay's VSP Direct into Actinic? (i.e. payment taken on-site.) We can only seem to get the VSP Form version working under "payment and security". Having got a working SSL certificate and PCI DSS-compliant site tweaked to perfection, there is no reason for us to use the slightly ugly looking Sage Pay form which is likely to turn a slim percentage of customers away.

    I can't seem to find any posts on this - maybe I'm just missing something.

    Many thanks in advance.

    Matt
    Tags: None
    #2
    Not missing anything, it's not possible AFAIK. Actinic have stated their software is not PCI compliant, intrigued to see how you overcame that? Can you show them how to do it?

    Comment

      #3
      That's disappointing to hear. Is it possible to integrate any other PSPs in this way? We want to use a PSP such as (though not strictly limited to) Sage Pay for the purpose of post-processing admin and heightened security, but it would improve customer experience if it didn't take them to a third party form.

      Will Actinic improve their software to be fully compliant in the coming months as many of the PCI regulations become compulsory? What about PayPal Pro? Correct me if I'm wrong, but if PP Pro can be integrated directly so that payment is made on-site, when the regulations are made stricter will this no longer be an option for Actinic users?

      Matt

      Comment

        #4
        You can buy the integration kit, but it will cost you serious coinage to buy and then it has to be written also. PPPro is not compliant and it's a dog of a solution anyway, anyone using that needs help IMO. Actinic Payments is the best integrated solution now as you can speak directly to that from within actinic (the only one to do this).

        I don't see actinic becoming compliant, there is no need for it, use a PSP and be done with it. Long term only the people who own the card should be seeing its details using a 3rd party system. This should be without exception IMO. SSL is dead, shared SSL is dead, PSP is the future. Integrated PSPs as with AP is the ultimate.

        Comment

          #5
          only the people who own the card should be seeing its details using a 3rd party system
          ...and what about MOTO?

          are you suggesting using a different system and incurring additional costs to process MOTO? Or are you making the assumption that everyone is happy to shop online?

          Comment

            #6
            If you use MOTO then i would suggest AP this can take card details directly and still never have them stored on your pc, i have used it a few times and it works well.

            As Lee said PSP's are the way to go however i understand what your sayiong about the ugly payment pages, another reason i like AP as this can be customised to look similar to your site.

            Comment

              #7
              If you use MOTO then i would suggest AP this can take card details directly and still never have them stored on your pc
              Makes perfect sense to me.

              Where are you getting your (dis)information from Leehack? - Actinic clearly state that Actinic Payments is 100% PCI-DSS compliant

              Comment

                #8
                If you read things properly, you'll see that I suggested nothing to the contrary at all. Therefore please don't comment on my (dis)information, by using (dis)information of your own . Actinic Payments and Actinic are not the same thing, Actinic is the software, Actinic Payments is the PSP.

                Comment

                  #9
                  Actinic have stated their software is not PCI compliant
                  sorry, which bit am I not able to read?

                  Comment

                    #10
                    You've somehow read the word "Payments" in between the first 2 words, which is not what i wrote. You're confused between software and a PSP, the software is not PCI compliant (doesn't need to be when using a PSP), the PSP is responsible for the compliance.

                    Comment

                      #11
                      First i can't read, now I am confused.

                      Would you like to patronise me some more before I report you to the moderator?

                      The question is still valid - where are you getting your information from that Actinic software is not PCI-DSS compliant?

                      Comment

                        #12
                        I'd rather you report me immediately, thanks.

                        There are very few occasions when an experienced user will make such a mistake and then compound it a few times after still spurting out the same 'disinformation'. Whenever you feel you have found such a situation, rest assured you have not, it is you misunderstanding things.

                        "Actinic Payments" the PSP was actually born out of the lack of compliance in the software "Actinic". PCI Compliance was born about 18 months ago, it started to be discussed on here about 2.5 years ago. It's all been discussed and all the answers lie within.

                        After you've spent time reporting me, have a read of the huge thread already in here on the exact same subject. It will answer all you need to know and you will see that disinformation did not occur at all, it was a mere misunderstanding by you.

                        Comment

                          #13
                          Actinic is a flexible piece of software that can be PCI compliant or not, it all depends on how you use it. This page gives details of how to use it in a PCI compliant way :

                          http://www.actinic.co.uk/pci-dss.htm

                          however, if you choose to enter and store CC details in plain text in the database (which you will do if you deactivate the CC encryption methods) then you will not be PCI compliant.

                          Regards,
                          Jan Strassen, Mole End Software - Plugins and Reports for Actinic V4 to V11, Sellerdeck V11 to V2018, Sellerdeck Cloud
                          Visit our facebook page for the latest news and special offers from Mole End

                          Top Quality Integrated label paper for Actinic and Sellerdeck
                          A4 Paper with one or two peel off labels, free reports available for our customers
                          Product Mash for Sellerdeck
                          Link to Google Shopping and other channels, increase sales traffic, prices from £29.95
                          Multichannel order processing
                          Process Actinic, Sellerdeck, Amazon, Ebay, Playtrade orders with a single program, low cost lite version now available from £19.95

                          Comment

                            #14
                            Thank you Jan.

                            That is most helpful, I didn't think it was a straight-forward black and white issue.

                            The reason I waded into this discussion was because I'm contemplating using the MOTO feature of Actinic software with Actinic Payments.

                            It sounds like there is no PCI-DSS issue with doing that, provided CC details are either a) not stored at all, or b) encrypted.

                            Comment

                              #15
                              nope storing card details in an encrypted format is still pci NOT compliant, you need to have a complex encryption routine that has two key phrases that not one person in the organisation knows both. Unfortunately Actinic does not do this and from my understanding never will.

                              I have read this thread more than once now and still do not understand how you feel Lee has given incorrect information, IMHO he is correct in stating you have miss understood what you have been told, to me you have confused Actinic and Actinic Payments as the same thing

                              Comment

                              Previous 1 2 template Next
                              Working...
                              X