AbleCommerce Shopping Cart Software


http://forums.ablecommerce.com/

Upgrading from 5.5 to the latest for PCI

http://forums.ablecommerce.com/viewtopic.php?f=46&t=13064

Page 1 of 1

Upgrading from 5.5 to the latest for PCI

Posted: Mon Jan 18, 2010 11:31 am
by deverill
Hi gang,
We are currently running a moderately customized AC 5.5 for ASP.NET with MySQL. With the PCI deadline coming we have to get compliant. My questions:

Is there much difference between accessing MySQL and MS SQL? Unfortunately 7 doesn't support MySQL.

How much difference is there in the table layouts between 5.5 and 7.0.4? Is it a change of a few concepts or an entire overhaul?

Has anyone been PCI certified with 5.5 or is it even possible?

Do you have *any* suggestions for us to make this happen as painlessly or quickly as possible?

Thanks for your help!
Jim Sewell - TrustedTours.com

Re: Upgrading from 5.5 to the latest for PCI

Posted: Mon Jan 18, 2010 11:36 am
by Shopping Cart Admin
Hello Jim,

The tables have changed quite a bit from 5.5 to 7.0, but there are still many similarities. 5.5 would be difficult to PCI 'certify' even though it was PCI compliant with the first PCI 'specifications'. New requirements on data encryption of 3rd party integration passwords and such are not done in 5.5.

If you're NOT using a payment gateway which accepts the CC payment on your website directly then it's a non-issue. e.g. Paypal, Paypal express and Google checkout.

Re: Upgrading from 5.5 to the latest for PCI

Posted: Mon Jan 18, 2010 11:57 am
by deverill
Ah, so if we use a CC payment system that the customer logs in to *their* site to process the payment we would be pretty much free an clear of PCI? That's definitely sounding better!

Re: Upgrading from 5.5 to the latest for PCI

Posted: Mon Jan 18, 2010 12:14 pm
by Shopping Cart Admin
Hello Jim,

If your store doesn't accept the payment directly and the customer is re-directed to paypal/google for the payment collection, then PCI is a non-issue.

It could affect your conversion rate if your customers are used to processing their payment directly on your website.

Re: Upgrading from 5.5 to the latest for PCI

Posted: Tue Jan 19, 2010 1:01 pm
by deverill
Thanks for your help Mike.

In the event we have to go to MS SQL and AC 7, is there anywhere I can see the table layout (chart or descriptive text)? That would be a big help in seeing where we are going and how painful it would be to reproduce our customizations.

Re: Upgrading from 5.5 to the latest for PCI

Posted: Tue Mar 02, 2010 2:53 pm
by Logan Rhodehamel
Shopping Cart Admin wrote:If your store doesn't accept the payment directly and the customer is re-directed to paypal/google for the payment collection, then PCI is a non-issue.
I noticed for the first time today PCI has published a short and sweet form for merchants who do not personally collect any sensitive cardholder data. The path to compliance is basically to attest that you don't collect the data and that the third party who does collect it is PCI compliant.
All times are UTC-05:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/