Important Notice from AspDotNetStorefront
It is with dismay that we report that we have been forced, through the action of hackers, to shut off write-access to this forum. We are keen to leave the wealth of material available to you for research. We have opened a new forum from which our community of users can seek help, support and advice from us and from each other. To post a new question to our community, please visit: http://forums.vortx.com
Results 1 to 2 of 2

Thread: If I only use google checkout and paypal, do I still require PCI?

  1. 01-28-2011, 06:41 PM #1
    ecommboy is offline Junior Member
    Join Date
    Sep 2009
    Posts
    3

    Default If I only use google checkout and paypal, do I still require PCI?

    A little confused, if I outsource my credit card handling to say google or paypal, do I still need to pass PCI or it becomes irrelevant since I am outsourcing it?
  2. 02-23-2011, 02:55 PM #2
    brightspectrum is offline Member
    Join Date
    Feb 2008
    Location
    Seattle, WA
    Posts
    41

    Default

    PayPal WebSitesPayment Pro and Google Checkout are PCI compliant so if you are not storing Credit Card information and just having them do the processing I don't believe that you should not need to do any additional PCI Compliance because you won't have a merchant account with anyone. You will still need to ensure that you have an SSL certificate for the site.

    I would still however change from regular FTP to FTPES on your server and have all non-essencial ports blocked. If you have a dedicated server you might even change your RDC port (3389) to a different port. These are some PCI compliance steps and they just keep ALL user data a bit safer. They're also just good practice in general.
    Chidozie Bright
    Bright Spectrum Inc
    Bright Ideas. Creative Solutions