On Tue, May 9, 2017 at 5:14 PM, Jason Stephenson <ja...@sigio.com> wrote:
> Josh, > > Using PayPal is similar to Stripe, since the transaction is completed > via PayPal and the CC data is not stored in Evergreen. > PayPal (including PayFlowPro) and Authorize.net both require CC data to pass through the EG server network, before getting relayed to the PayPal/Authorize.net API server. The card data may not be stored in Evergreen's database, but traversing the network alone is enough to require a hefty amount of PCI compliance work. Stripe is the only option where the data never touches the EG server network. -b > > We disabled the staff client credit card interface by commenting out the > relevant menuitem in Open-ILS/xul/staff_client/server/patron/bill2.xul. > (IANM, that relevant menuitem is on line 107.) We have not made a > similar change to the web staff client because we are not using it, yet. > > HtH, > Jason > > On 05/09/2017 04:48 PM, Josh Stompro wrote: > > Hello, we are currently using payflow pro, which I think means that our > > evergreen server handles the CC data and puts it in PCI scope. From > > what I’m reading, if we switched over to using Stripe, which uses a > > javascript library client side to submit the payment, then it would take > > our server out of scope. Does the Paypal code work the same way? > > > > > > > > It looks like the tpac supports Stripe, but the web based self check > > does not. How about the staff client/web staff client payment > > interface. Does that support Stripe? > > > > > > > > Along the same lines, is there a way to disable the staff client credit > > card interface. We don’t want staff handling credit cards with that > > interface, since they have to type in the code and info, which I believe > > isn’t PCI compliant, but I haven’t found a setting to disable that but > > allow tpac payments. > > > > > > > > Thanks > > > > Josh > > > > > > > > > > > > Lake Agassiz Regional Library - Moorhead MN larl.org > > > > Josh Stompro | Office 218.233.3757 EXT-139 > > > > LARL IT Director | Cell 218.790.2110 > > > > > > >
