Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email community@magento.com.

Magento Forum

PCI Compliance Magento Community with First Data Global Gateway/Linkpoint/YourPay
 
RedskinsOne
Jr. Member
 
Total Posts:  22
Joined:  2012-02-20
 

Hey guys....I hope I’m asking this in the right place.  I am having a website developed for me right now using Magento Community and should be done in 2 weeks or so.  I’ve been talking to my bank (Bank of America) and they use First Data Global Gateway also known as YourPay and Linkpoint. 

I am very confused about PCI compliance with Magento Community and if I’ll even be able to use First Data if I don’t store customer CC info and CVV2 info.  Will I be OK? or will I have to do something else to accept CC’s on my website?

BofA says I’ll have to do a quarterly PCI scan.  So can I use First Data and pass PCI compliance with Magento Comm?  I’m really confused and hope someone has the correct answer.

Thanks!

 
Magento Community Magento Community
Magento Community
Magento Community
 
RedskinsOne
Jr. Member
 
Total Posts:  22
Joined:  2012-02-20
 

To add, I will be going with a Magento optimized hosting provider that is PCI compliant.  Does that help any with my situation?  Or will I have to go with Paypal Payments advanced or something similar?

 
Magento Community Magento Community
Magento Community
Magento Community
 
Rich Cleverley
Sr. Member
 
Avatar
Total Posts:  285
Joined:  2009-01-20
 

PCI is always tricky.  My understanding is that Magento CE itself isn’t Pci compliant however a lot will depend on how your payment integration works.  Does the payment gateway use hosted payment pages (i.e. an iframe or redirect off to their systems for card details input or are card details input into a form on your actual site?).  If the former then you cut out a lot of issues for Pci compliance.

Others may be able to advise with other elements of Pci compliance but I hope this helps.

 
Magento Community Magento Community
Magento Community
Magento Community
 
RedskinsOne
Jr. Member
 
Total Posts:  22
Joined:  2012-02-20
 
richclever - 26 February 2012 11:26 PM

PCI is always tricky.  My understanding is that Magento CE itself isn’t Pci compliant however a lot will depend on how your payment integration works.  Does the payment gateway use hosted payment pages (i.e. an iframe or redirect off to their systems for card details input or are card details input into a form on your actual site?).  If the former then you cut out a lot of issues for Pci compliance.

Others may be able to advise with other elements of Pci compliance but I hope this helps.

Well I tried to ask this to BofA Merchant Services and they stated the following:

“The Magento shopping cart is compatible with our secure gateway and everything Bank of America offers is PCI Compliant so no worries there. We’ll be storing your information so you will be in compliance”

I do not believe in this case customers would be leaving my site to process on another site and return back.  So I’m not sure if they understand my question

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top