> That's the first time I heard of this, yet we've not been looking at
> E-Commerce for a while. When I read up on the compliance on Wikipedia, it
> sounds like most issues should be covered by DPS and your ISP. Do you have
> examples of what is necessary for compliance?

In a nutshell (and for a low-volume merchant): answering 'yes' to every one of several pages of questions. Some are very sensible and obvious, and some are bordering on being irrelevant in many instances. For example, your server(s) must have regular virus scans, which in effect means running a virus scanner on a *nix machine while scanning for Windows viruses. However, 'N/A' is not an option to answer any question except for the ones around Wireless.

And then there's the issue of liability. You'd want to look at $10-million insurance for each card scheme you accept (Visa, Mcard, Amex etc).

In short, I would strongly advise any small company that doesn't already have a legacy 2-party facility not to bother even starting on this track.

On that subject, I am aware there is an individual offering several thousand dollars to buy a ltd company entity with a 2-party facility. This should further put this matter into perspective.

mtcw

- Michael

NZ PHP Users Group: http://groups.google.com/group/nzphpug
