It's not really about whether you have or haven't had any problems up to now, though. It's about whether the payment provider you use is compliant with current regulations for online card processing. And PayPal Pro isn't.

I'm confused by this, why is there such negativity with PayPal Pro?

I have been using it, and think it's great, but then again, I do more business on Ebay, and hence PayPal is my main channel.

I took Secure Trading off my website and replaced it with PayPal Pro so everything was going into one place which made admin easier.

I was also happy with Secure Trading, but obviously I cannot integrate that with my Ebay store.

So come January the 21st, I looks like I need to bin PPP.

It looks to me like there needs to be a 3D Secure pop-up type thing integrated into the Actinic 'Credit cards details captured for later processing' method, or am I wrong?

Is Actinic going to turn their back on PPP or do something about it? If the former is correct why integrate it in the first place? and, what would happen to their PayPal partner status? (https://www.paypal-marketing.co.uk/p...ppingCart.aspx).

I did ask Actinic but got the reply "I’m afraid I’m going to have to pass this to development/management for their comments", and I cannot get an answer for this, which is the most annoying part of the problem.

So, do I wait for the 21st or act now, as I still have my Secure Trading account.


Thanks

Martin

It's not PCI Compliant, i think that ends all sensible discussions on it surely?
If you are using it, you've been going against the regulations for coming up to 2 years now. It's a bit like saying you've been driving your car round on bald tyres for 2 years, but because the police haven't caught you and you haven't needed to do an emergency stop and you haven't also had a puncture, that it's fine and why do you need to visit kwikfit yet.

I've been told it is, although not level 1

Whether it is compliant or not is a discussion now done to death and not worth entering into in this thread. Let's for arguments sake say that for 2 years most actinic users and actinic themselves have been wrong though and evaluate the solution for its merits. Well for me the way it looks on page and confuses the checkout process is enough to bin it, its hideous IMO and always has been.

It got off to a terrible start for sure, blame the Hungarians for that 6 months etc etc. but it just doesn't strike me as anything a company would strive to have on their site. Normal Paypal is fab and strongly recommended as a second payment method on a site, as the main PSP, not for me and a lot of people as I understand/see. I can't recall one of my clients using it or even considering it to be honest.

It's all about opinions though as with most things, it would be the last PSP i would ever consider personally.

really?

maybe when your using paypals OWN website it might be but taking card details on your website is a different country let alone ball park

Well, after the rather direct responses I have received I have taken PayPal Pro off my website, and re-instated my Secure Trading account, which does work very well.

My only reason for going down the PayPal Pro route was because of the amount of transactions which I take through my Ebay Shops, it made sense from an admin point of view to have everything in one place.

I also considered the taking of details on my own website to be better, as I thought it look more professional than being re-directed to another website.

I run a business, and I am a customer of Actinic, paying them, what I consider to be a considerable yearly maintenance cost, for very little support.

I am not a developer, and the responses I have received seem to suggest this forum is for developers only, and anyone who doesn’t know all the technical terms involved in developing a website (a non-developer) shouldn’t be on here.

I pay Actinic for a product, which should allow me to trade online, legally, in compliance with current regulations etc etc, which is not only safe for me, but safe for my customers. That is why I pay for a service, so I can worry about other things which crop up when running a business. In much the same way I pay for PAT testing, so I know my premises are safe for my staff, and have the boiler serviced by an expert, so my staff are warm and it isn't going to leak gas.

I pay Actinic to provide a similar service to me, i.e. to be the expert within that domain, so I don't have to be. Because I consider Actinic to be the experts for my website, I assume it to be safe, and not to land me in trouble further down the line.

I am not a developer, this is why I chose an off-the-shelf solution from Actinic, thinking things like this would be sorted for me, so I can get on with my core business.

An answer such as “it’s not PCI compliant is it” means nothing to me, as far as I am concerned, it should be.

I came asking for advice on here because Actinic support have avoided 3 times now to answer this question, which again makes me wonder, what I am pay for exactly?

If this method of taking payments leaves me open to fines etc, it simply shouldn’t be available for me to implement.

What a clique this forum is.

oooh

Martin some things worth remembering

This forum is for all walks of life, a search here for pci-dss with reveal a whole wealth of information about the subject as would a search for paypal pro - you can still use paypal on your website, just dont use paypal pro though.

If you in business as you say you are then you have the right idea about letting people deal with stuff you dont know about however pleading ignorant is not the answer either.

Actinic do not promote their software as being pci compliant they recommend the use of psp's that are though.

As business owner you are responsible for understanding what is required, you would not tell tghe tax man you did not know you have to pay him because your not an accountant would you?

as for clique forum comment you have probably just offended a number of users as this sort of attitude resulted in the drop out of few well respected members with alot of knowldege when people started moaning about the responses, this knowledge is sadly lacking here these days

ps i am not a website developer im a business owner amongst other things

Martin, I generally agree with your sentiments.

The problem is that the area is very complex. The difficulty is that Actinic is able to run in a variety of environments and with a variety of third party providers. Even making statements publicly is hard as they have to be agreed with partners. Without mentioning names we have two definitive public statements in this area which we have prepared but which are still awaiting approval from big third parties before we can release them.

In general, it's a bad idea for any small merchant to collect card details on their site, and we've been saying this for ages. Using Secure Trading (or Actinic Payments), we can provide straight-forward instructions to comply with PCI DSS. It's all documented on our web site.

Chris

It is the business owners responsibility to ensure they trade within current regulations. PCI-DSS has been bubbling under for a couple of years now, as a business owner YOU have to show you process credit cards in a secure manner.

Actinic has built actinic payments to deal with this, thus you can choose to use this and thus be PCI-DSS compliant,although you will still need to fill in questionaires from your bank to prove this. There are other PCI providers incorporated ie secure trading, sagepay, worldpay. Paypalpro however is not compliant

Taking credit cards on your website, may, in your view, look more professional but nowadays is not deemed viable unless you are a multi-million turnover business ie Level1. Most actinic users seems to fall into Level4 ie self certify.

As a shopper I now look for 3rd party processing as i know this means my card detail will not leave a secure PCI compliant environment. Nowadays i simply do not shop on a smaller site that doesnot use a PSP.

This is one of those situations where as an online shopkeeper you can not pass the buck to Actinic, you have to run your shop within current legislation.

Many of us have questioned the validity of PayPalPro, but for the majority of Actinic shop keepers it is a non starter, but it does have a place in some business models hence its inclusion (not to mention the backhander from PP to actinic)

That makes sense.

And how do I find that out in terms of taking credit card payments?

http://www.actinic.co.uk/services/pci-dss.htm - this is quite readable


https://www.pcisecuritystandards.org/index.shtml - this is more challenging

apologies accepted

It is unethical of Actinic to make this available for use in my opinion.

They appear to be a developer tool, for people 'in-the-know' rather than a system the man in the street can use to get up and running.

What ticks me off most, is the lack of support when I have asked about this, email's not replied to and phone calls not returned.

The telephone support I receive from Secure Trading is excellent, they have a very helpful attitude, and explain to me, what I need to know, this is the service I regard I am paying for.

The only help I have had from Actinic on this issue is firstly "use Actinic payments", secondly, "he is in today, he'll call you back". Which led me to this forum, great.