I haven't used authorize.net, but basically, if this is an asynchronous processor (eg, the user is sent offsite to an authorize.net page to input their CC details), then PCI-DSS is not a concern for you, as you are not handling the CC transactions yourself. PCI-DSS compliance is one of the main reasons to 'outsource' CC processing to an async processor who handles card details for you. One example of a processor for GetPaid that does this is the getpaid.pxpay plugin, which uses PaymentExpress to handle the CC details (http://www.paymentexpress.com/index.html).
regards, Darryl Dixon Winterhouse Consulting Ltd http://www.winterhouseconsulting.com On Fri, Jun 25, 2010 at 5:13 AM, mwinkle <[email protected]> wrote: > We're using GetPaid with authorize.net for a client, and now their > credit card merchant is saying they need to be PA-DSS compliant. > > Has anybody have any information on this? > > Thanks so much! > > Melody Winkle > Web Collective > > -- > GetPaid for Plone: http://www.plonegetpaid.com (overview info) | > http://code.google.com/p/getpaid (code and issue tracker) > You received this message because you are subscribed to the Google Groups > "getpaid-dev" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected]<getpaid-dev%[email protected]> > > For more options, visit this group at > http://groups.google.com/group/getpaid-dev?hl=en?hl=en -- GetPaid for Plone: http://www.plonegetpaid.com (overview info) | http://code.google.com/p/getpaid (code and issue tracker) You received this message because you are subscribed to the Google Groups "getpaid-dev" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/getpaid-dev?hl=en?hl=en
