I’ve tried sifting through all the discussions online about PCI compliance when using PayPal Payments Pro, but there’s no clear answer. Other than having SSL, since I’m not storing cardholder information (I’m only transmitting it), what do I need to do to be PCI compliant? I’ve implemented Direct Payment, Express Checkout, and Recurring Billing.
PCI compliance is determined by passing a PCI audit. A service can advertise itself as PCI compliant only if it’s passed the initial audit and any periodic audits.
Any service can adhere to the PCI guidelines – and should – but adherence and compliance are two different things.
A more direct answer to the question:
PayPal stores and manages all customer payment information so they shoulder the majority of the burden that comes with adhering to the PCI guidelines. In your case, at a minimum you should: