Hi,
I have to fill out the PCI questionnaire. I enabled Authorize.net payment method only.
Please could you confirm the answers I have for the following points:
Your company does not store, process, or transmit any cardholder data on your premises, but relies entirely on a third party to handle these functions.
=> Yes, Nopcommerce stores only the last 4 digits of the credit card and masked it, right?
Your company has confirmed that the third party handling storage, processing, and/or transmission of cardholder data is PCI DSS compliant.
=> Yes Authorize.net is.
Your company retains only paper reports or receipts with cardholder data, and these documents are not received electronically.
=> I guess so
Your company does not store any cardholder data in electronic format.
=> Again Nopcommerce stores only the last 4 digits of the credit card and masked it
PCI Compliance CC Storage
团队成员
- 16612
- 155815
- 2008/10/22
- Armenia
Everything is correct. But I'm not sure about the second question. I think they mean nopCommerce (not Authorize.net as you answered). nopCommerce is PCI Compliance, but it's not officially certified.
- 35
- 1025
- 2011/3/4
- United States
Thanks Again Andrei.
I think you are right for the second question. Do you think we are fine to answer yet to this question. Nopcommerce complies with PCI DSS, it is just a matter to be certified I supposed, and I guess that will not happen any time soon?
Do you have any document that you could share on the nopcommerce PCI compliance point?
Joel.
I think you are right for the second question. Do you think we are fine to answer yet to this question. Nopcommerce complies with PCI DSS, it is just a matter to be certified I supposed, and I guess that will not happen any time soon?
Do you have any document that you could share on the nopcommerce PCI compliance point?
Joel.