Hi,
I have to fill out the PCI questionnaire. I enabled Authorize.net payment method only.
Please could you confirm the answers I have for the following points:
Your company does not store, process, or transmit any cardholder data on your premises, but relies entirely on a third party to handle these functions.
=> Yes, Nopcommerce stores only the last 4 digits of the credit card and masked it, right?
Your company has confirmed that the third party handling storage, processing, and/or transmission of cardholder data is PCI DSS compliant.
=> Yes Authorize.net is.
Your company retains only paper reports or receipts with cardholder data, and these documents are not received electronically.
=> I guess so
Your company does not store any cardholder data in electronic format.
=> Again Nopcommerce stores only the last 4 digits of the credit card and masked it