All Questions

12 votes
4 answers
4k views

How does collecting sensitive data using iframes increase security?

So this approach seems to be rather popular, particularly among payment processors that provide JavaScript integrations. The added layer of security that "fields in iframe" brings also ...
Acorn's user avatar
  • 222
2 votes
1 answer
213 views

PCI scope for a Direct-Post e-commerce site (SAQ A-EP)

An e-commerce site uses the Direct-Post method (see page 14 PCI e-commerce security). Is the server for the e-commerce application and network it resides on in scope for PCI? There are questions in ...
J. Lam's user avatar
  • 21
0 votes
1 answer
129 views

Is it legal to post card data from an ecommerce checkout to a PCI compliant 'store'

Let's say I want to charge a user's credit card with their permission after a sale takes place. But, I don't want to have to ask them their credit card a second time. Is it legal to store the credit ...
Tallboy's user avatar
  • 105
2 votes
1 answer
240 views

Can a non-PCI Compliant Service Provider provide SAQ A-EP compliance?

I am trying to find clarification regarding PCI Compliance SAQ A-EP and third party hosting solutions. In order to achieve SAQ A-EP PCI Compliance using "Hosting Company A" is it necessary for "...
another-joe's user avatar