[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Mon, 26 Apr 2010, Julian Hall wrote:
Hi All,There was a thread a couple of weeks ago about PCI Compliance. This article may be of some use:
That was started by me... And oddly enough, it's all gone quiet... The site in question passed all their automated testing with a score of zero. (over 4 is bad)
Basically, the banks are bullying customers into having this (and paying for it), even when they do not store, even temporarily, credit card details. Since doing this, I've done a bit more research via local business contacts and it's rife. Even small shops with nothing more than a PDQ machine are being bullyd into having their ADSL lines tested by their (the banks) recomended supplier of PCI compliance.
Sure - if you're storing credit card details, then I accept that additional precautions are well in-order, but for the average punter using an external payment processor (e.g.) sage pay or a binay code blob supplied by the bank, then it's out of order IMO.
Still - you can get PCI compliant hosting for £1.59 a month if you look hard enough, so what value does that place on the market?
Gordon
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html