We recommend that all merchants meet the requirements of the PCI security standard when implementing AbleCommerce. To assist you in this process, we have developed the following instructions:
http://www.ablecommerce.com/ac7pciguide.pdf
Follow the recommendations in the guide to ensure that AbleCommerce is configured as securely as possible, in a PCI compliant manner.
PCI Implementation Guide
- Logan Rhodehamel
- Developer
- Posts: 4116
- Joined: Wed Dec 10, 2003 5:26 pm
PCI Implementation Guide
Cheers,
Logan
.com
If I do not respond to an unsolicited private message, it's not because I'm ignoring you. It's because the answer to your question is valuable to others. Try the new topic button.
Logan
.com
If I do not respond to an unsolicited private message, it's not because I'm ignoring you. It's because the answer to your question is valuable to others. Try the new topic button.
- Shopping Cart Admin
- AbleCommerce Admin
- Posts: 3055
- Joined: Mon Dec 01, 2003 8:41 pm
- Location: Vancouver, WA
- Contact:
Re: PCI Implementation Guide
Hello Everyone,
The PCI implementation guide has received it's yearly update, there are not any material changes to the guide which will require your attention.
The PCI implementation guide has received it's yearly update, there are not any material changes to the guide which will require your attention.
PCI Compliance with customization
We are currently using version 5.5 CFMX, and we are considering moving to version 7. We are fully aware that V7 is not available in ColdFusion, and this is not an issue.
There are many customizations we have on our current app, that would have to be "re-done" with the new version. Among them are:
- Some products require additional reservation info, this would include an option for an alternate name on the reservation.
- Items in the cart must be deleted if the order is not completed within one hour.
-We would have to run 2 stores, with different checkout info on each.
-Reports must be based on the date we take payment, rather than the date the order is completed
-Some financial data MUST be available to other applications
-The method refunds are completed and tracked must be fully customized.
Is it possible to make such changes WITHOUT using the source code? If so, will doing so violate your guarantee of PCI compliance?
There are many customizations we have on our current app, that would have to be "re-done" with the new version. Among them are:
- Some products require additional reservation info, this would include an option for an alternate name on the reservation.
- Items in the cart must be deleted if the order is not completed within one hour.
-We would have to run 2 stores, with different checkout info on each.
-Reports must be based on the date we take payment, rather than the date the order is completed
-Some financial data MUST be available to other applications
-The method refunds are completed and tracked must be fully customized.
Is it possible to make such changes WITHOUT using the source code? If so, will doing so violate your guarantee of PCI compliance?