8

I know nothing about PCI compliance or ecommerce, but guess what I've been tasked with creating!

Comments
  • 0
    Our payment system passed PCI compliance even though we never tried to make it one. It was just something client wanted on a whim.
  • 0
    I'm just the dancing monkey.. if you explain what I need to do to actually try for PCI compliance I will do it. But I have no idea why I am doing it.
  • 1
    I am unfortunately a PCI internal security assessor... It is all really pretty basic security stuff... Annoying none the less. You'll do just fine... Once you read the requirements and make a list for remediation that is :)

    That said if you are writing code for an ecommerce site that needs to be compliant you want to review the PA-DSS. You could also outsource the payment gateway and build just the interface then your side of the scope becomes much smaller.
Add Comment