PCI Implementation Guide

This forum is dedicated to answering AbleCommerce 7.0 questions about PCI certification and compliance.
Post Reply
User avatar
Logan Rhodehamel
Posts: 4116
Joined: Wed Dec 10, 2003 5:26 pm

PCI Implementation Guide

Post by Logan Rhodehamel » Tue Feb 19, 2008 11:35 am

We recommend that all merchants meet the requirements of the PCI security standard when implementing AbleCommerce. To assist you in this process, we have developed the following instructions:


Follow the recommendations in the guide to ensure that AbleCommerce is configured as securely as possible, in a PCI compliant manner.

If I do not respond to an unsolicited private message, it's not because I'm ignoring you. It's because the answer to your question is valuable to others. Try the new topic button.

User avatar
Shopping Cart Admin
AbleCommerce Admin
AbleCommerce Admin
Posts: 3053
Joined: Mon Dec 01, 2003 8:41 pm
Location: Vancouver, WA

Re: PCI Implementation Guide

Post by Shopping Cart Admin » Mon May 10, 2010 12:03 pm

Hello Everyone,

The PCI implementation guide has received it's yearly update, there are not any material changes to the guide which will require your attention.
Thanks for your support

Shopping Cart Guru
Follow us on Facebook

Ensign (ENS)
Ensign (ENS)
Posts: 6
Joined: Thu Jun 18, 2009 1:38 pm

PCI Compliance with customization

Post by eddiez » Wed Jul 21, 2010 12:01 pm

We are currently using version 5.5 CFMX, and we are considering moving to version 7. We are fully aware that V7 is not available in ColdFusion, and this is not an issue.
There are many customizations we have on our current app, that would have to be "re-done" with the new version. Among them are:
- Some products require additional reservation info, this would include an option for an alternate name on the reservation.
- Items in the cart must be deleted if the order is not completed within one hour.
-We would have to run 2 stores, with different checkout info on each.
-Reports must be based on the date we take payment, rather than the date the order is completed
-Some financial data MUST be available to other applications
-The method refunds are completed and tracked must be fully customized.
Is it possible to make such changes WITHOUT using the source code? If so, will doing so violate your guarantee of PCI compliance?

Post Reply