I am developing an e-commerce website, and I want the payment process to be done from my site, meaning the user will enter credit card details on a payment page of my site.
In short, users should not be redirected to the payment gateway for payment processing.
I am using MasterCard MIGS.
Any help will be highly appreciated. Thank you.
For a start you’ll need to use SSL when taking the customer’s card details.
You’ll also need to be PCI compliant, e.g.:
Build and Maintain a Secure Network
Install and maintain a firewall configuration to protect cardholder data
Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
Protect stored cardholder data
Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
software
and applications
Implement Strong Access Control Measures
Restrict access to cardholder data by business need-to-know
Assign a unique ID to each person with computer access
Restrict physical access to cardholder data
Regularly Monitor and Test Networks
Track and monitor all access to network resources and cardholder data
Regularly test security systems and processes
Maintain an Information Security Policy
information security
Ultimately, you will want to avoid storing any card details without a serious compliance headache.
Using MasterCard MIGS should mean you don’t need to store any card details – just send them under SSL.