Important Notice from AspDotNetStorefront
It is with dismay that we report that we have been forced, through the action of hackers, to shut off write-access to this forum. We are keen to leave the wealth of material available to you for research. We have opened a new forum from which our community of users can seek help, support and advice from us and from each other. To post a new question to our community, please visit: http://forums.vortx.com
Results 1 to 4 of 4

Thread: Sage Pay & PCI DSS

  1. 07-23-2010, 01:09 AM #1
    Alexnet is offline Junior Member
    Join Date
    Dec 2008
    Posts
    7

    Angry Sage Pay & PCI DSS

    Hi,
    I'm using ASDNSF 8.0 to develop a e-comm website.
    And my customer required using Say Pay as payment gateway.

    Here is the requirements:
    1.The website needs to be developed to be fully PCI DSS compliant.
    2.3D secure must be implemented.

    I've never used Say Pay as payment and am not familiar with PCI DSS.
    I know that ASDNSF 8.0 supports Sage Pay. But someone reported there are some issues in using Sage Pay, and it is here: http://www2.aspdotnetstorefront.com/...ad.php?t=17995

    And I've viewed their PCI PA-DSS Acceptance Letter for AspDotNetStorefront ML v8.0.
    It said:"For U.K./EUR 3-D Secure support, those are built directly into the EUR gateways: ProtX, Cybersource".
    They didn't mention Sage Pay.
    And in this page:http://manual.aspdotnetstorefront.co...ront-faqs.aspx.
    They said:As a PCI DSS certified application, AspDotNetStorefront helps attain that compliance.

    My question are:
    1.Dose ASDNSF 8.0 support Sage Pay that is fully PCI CSS compliant?
    2.If not, what can I do? Upgrade to version 9 or add some plug in?
    3.How to deal with 3D secure to Sage Pay that my customer required?

    Is there any gentleman can help me?
    Last edited by Alexnet; 07-23-2010 at 02:35 AM.
  2. 07-23-2010, 02:10 AM #2
    webopius is offline Senior Member
    Join Date
    Nov 2008
    Location
    London, UK
    Posts
    440

    Default

    Hi

    I'll let the ASPDNSF team comment on PCI/PA-DSS compliance but I can tell you that we've used the SagePay gateway successfully in client sites since v7 (when it was Protx) and more recently within v9 with the SagePayUK gateway.

    In all these instances, we've been using 3DSecure which is supported 'out of the box'.

    We've also been able to make a few improvements to the processing including converting the SagePay error codes '5011' into meaningful descriptions 'The card number appears to be incorrect. Please check and re-enter' in the checkout payment page.
    Webopius.com: ASPDotNetStorefront web development and ecommerce project management
    Webopius is now a Sage Pay Approved Partner
  3. 07-23-2010, 12:13 PM #3
    AspDotNetStorefront Staff - Scott's Avatar
    AspDotNetStorefront Staff - Scott is offline Administrator
    Join Date
    Mar 2007
    Location
    Ashland, OR
    Posts
    2,390

    Default

    1 & 2- Our software is PA-DSS certified, that's really the only part we can comment on. If you install our software and follow all the security best practices we post in the manual, you can obtain PCI compliance, but there's MUCH more that goes into it than just the software. You'll have to talk to Sage Pay for their portion of it.

    3 - Some gateways support 3D secure natively, and some do not. SagePay (formerly Protx) does support 3D secure - http://manual.aspdotnetstorefront.co...3d-secure.aspx
    ECommerce Shopping Cart
  4. 07-24-2010, 07:24 PM #4
    Alexnet is offline Junior Member
    Join Date
    Dec 2008
    Posts
    7

    Default Thanks very much

    Thanks very much!

    You said:Our software is PA-DSS certified.
    But my customer required is PCI DSS. Do you mean PA-DSS includes PCI DSS ?

    I'm using ASPDNSF 8.0.
    Do 3D secure and PCI DSS are supported in version 8.0 or just supported in version 9.0?

    I just want to make sure to these questions.