[LRUG] Recurring Payments and subscriptions
Marcus Roberts
marcus at marcusr.org.uk
Fri Sep 3 00:48:36 PDT 2010
On 3 Sep 2010, at 08:45, Lee Irving wrote:
> As you take credit card numbers on your site how do you comply with PCI?
>
Because we don't store numbers, but just pass them on to SagePay (and then repeat the payment in future against a token they issue for each transaction) we can get validated under the less strict PCI compliance. We use SecurityMetrics, and found the process cheap and pretty easy to comply with - their scans helped lock our server down completely.
More information about the Chat
mailing list