the PCI standards. If your form collects a number an passes it on to
the processor, you could also be vulnerable.
On Jun 18, 2:09 pm, surtyaar <aaron.su...@gmail.com> wrote:
> Hi Bobby,
>
> You might be interested in a django clone of the sample shopping cart
> chase paymentech provided (http://store.e-xact.com/).
>
> You can get the code and setup instructions here :http://github.com/gitaaron/E-xact-django-clone
>
> Rgds/
> Aaron
>
> On Apr 20, 10:34 am, Bobby Roberts <tchend...@gmail.com> wrote:
>
>
>
> > Hey Bill -
>
> > It is my understanding that as long as you do not store credit card
> > information on your servers, PCI compliance is not an issue. Chase,
> > Authorize.net, Paypal, ilovechecks.com etc all have API gateways to
> > handle the transactions via https protocol which satisfies the
> > industry financial standards. I'm just wondering if anyone has infact
> > worked with the Chase API before
>
> > On Apr 20, 10:17 am, Bill Freeman <ke1g...@gmail.com> wrote:
>
> > > Beware! There are a number of security vulnerabilities you can have when
> > > handling credit card numbers. There is something called PCI (Payment Card
> > > Industry, if I'm not mistaken) compliance, the intent of which is to
> > > try to avoid
> > > some of the big credit card number stealing hacks that have been in the news
> > > in recent years.
>
> > > For most sites it is better to deal with someone like Authorize.net: These
> > > services let you point your "checkout" link at them, either with a back channel
> > > identified by order number (which you add to the url) to pick up the total, and
> > > perhaps the item list, or a way to provide that in the get or post
> > > with a suitable
> > > signature. They host a page that you get to style, so you can have,
> > > for example,
> > > your color scheme and logo. They accept the credit card information, do the
> > > dance with the payment processor (such as Chase Paymentech), and, if
> > > payment is successful, send you a packet, email, or provide a webservice
> > > where you can check, so that you know to "ship". These services do all the
> > > PCI compliance diligence. You are safe because the credit card information
> > > never touches your website.
>
> > > On Mon, Apr 19, 2010 at 10:17 AM, Bobby Roberts <tchend...@gmail.com> wrote:
> > > > Has anyone out there integrated a payment module in django over to
> > > > Chase Paymentech to process credit cards? I'm looking for sample code.
>
> > > > --
> > > > You received this message because you are subscribed to the Google Groups "Django users" group.
> > > > To post to this group, send email to django-users@googlegroups.com.
> > > > To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
> > > > For more options, visit this group athttp://groups.google.com/group/django-users?hl=en.
>
> > > --
> > > You received this message because you are subscribed to the Google Groups "Django users" group.
> > > To post to this group, send email to django-users@googlegroups.com.
> > > To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
> > > For more options, visit this group athttp://groups.google.com/group/django-users?hl=en.
>
> > --
> > You received this message because you are subscribed to the Google Groups "Django users" group.
> > To post to this group, send email to django-users@googlegroups.com.
> > To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
> > For more options, visit this group athttp://groups.google.com/group/django-users?hl=en.
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
No comments:
Post a Comment