Thanks for the input everyone, we are forced to go with the PxPay hosted payments page.
Michael: PxPOST is a 2nd party method of getting around PCI compliance, DPS is PCI compliant so a service like PxPOST allows you to send the card details straight to them. This has been the case up until recently, and is still the case with the Australian banks over here. Dan: Good point re. the trust element in NZ for DPS. It is interesting though that ASB has changed its interpretation of PCI compliance. If you are not storing the information in any kind of persistent format (beyond the page execution) then surely your exposure to the information is the same as the user's keyboard, keyboard driver, operating system, browser etc. It is worrying that banks are moving to this interpretation of PCI compliance. The flexibility with the PxPAY hosted payments page is severely lacking, I know of a good few designers that have cried when putting the hosted payments page in their website design. If DPS came up with a solution where you could create your own HTML for the page, things might be a bit more tolerable. Any DPS employees on the list? Cheers, Stig -- Stig Manning http://www.sdm.co.nz --~--~---------~--~----~------------~-------~--~----~ NZ PHP Users Group: http://groups.google.com/group/nzphpug To post, send email to [email protected] To unsubscribe, send email to [email protected] -~----------~----~----~----~------~----~------~--~---
