On Wed, Apr 10, 2013 at 3:22 PM, sparky <cfspa...@gmail.com> wrote: > @ke1g thats a very sweeping generalisation. > > personally, we are PCI DSS level 2 compliant, have scans and all data is > transmitted using SSL. we are resellers > we also NEVER store card details EVER only transmit! I'm a newbie to > Django but have implemented > sagepay on 3 other languages on sites which takes thousands a day over the > last 5 years (when it was Protx) > > have you ever used sagepay? you don't need to store card details they also > offer VSP form and server. >
If the info passes through RAM on your server, and somebody roots it, they can capture the information. If I redirect the user to Authorize.net to collect the CC info, then I can feel relatively safe deploying to the cloud, or wherever most folks tempted to use these tools are going to deploy. -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
