在使用PayPal Payment Pro时,我尝试过所有有关PCI合规性的在线讨论,但目前尚无明确答案.除了使用SSL外,由于我没有存储持卡人信息(我只是在传输信息),要符合pci的要求我该怎么做?我已经实现了直接付款,快速结帐和定期结算.
I've tried sifting through all the discussions online about PCI compliance when using PayPal payments pro, but there's no clear answer. Other than having SSL, since I'm not storing cardholder information (I'm only transmitting it), what do I need to do to be pci compliant? I've implemented direct payment, express checkout, and recurring billing.
推荐答案PCI符合性是通过通过PCI审核确定的.只有通过初始审核和任何定期审核,服务才能宣传自己符合PCI标准.
PCI compliance is determined by passing a PCI audit. A service can advertise itself as PCI compliant only if it's passed the initial audit and any periodic audits.
任何服务都可以并且应该遵守PCI准则,但是遵守和合规是两回事.
Any service can adhere to the PCI guidelines - and should - but adherence and compliance are two different things.
该问题的更直接答案:
PayPal存储和管理所有客户付款信息,因此他们承担着遵循PCI准则所承担的大部分负担.就您而言,至少应:
PayPal stores and manages all customer payment information so they shoulder the majority of the burden that comes with adhering to the PCI guidelines. In your case, at a minimum you should:
更多推荐
贝宝付款Pro和PCI合规性
发布评论