[LRUG] Sagepay

Riccardo Tacconi rtacconi at gmail.com
Thu Mar 22 04:34:59 PDT 2012


Thank you Richard and yes I should force HTTPS.

On 22 March 2012 12:30, Richard Taylor <richard at richt.co.uk> wrote:

> The form posts to spreedly secure (and PCI compliant) servers so the data
> never 'travels through' your servers so you have limited PCI scope.
>
> However, as has been mentioned, you will still have to fill out the basic
> PCI self-assessment questionnaire (which is basically a declaration that
> the card holder data isn't transferred through or ever stored on your
> servers).
>
> You should however run the page that contains the form on your server over
> HTTPS for customer confidence.
>
> Richard
>
> On 22 Mar 2012, at 11:16, Riccardo Tacconi <rtacconi at gmail.com> wrote:
>
> So I am using Spreedly Core with Sage Pay as gateway. With Spreedly I have
> created a form where the user enters the card details and then he is sent
> to Spreedly to store the data and he is sent back to my app with token so I
> can do the transaction. Two stakeholders raise an issue because the users
> will enter their card details in a form, and by only doing that it binds us
> to deal with PCI. Spreedly web site says the opposite. I am wondering who
> is right.
>
> On 21 March 2012 23:29, Graham Ashton <graham at effectif.com> wrote:
>
>> On 21 Mar 2012, at 22:11, Adrian Sevitz wrote:
>>
>> > Most of our customers are non UK based so we just absorb the cost
>> there. It's not ideal.
>>
>> Okay, thanks Adrian. That does seem to be the most pragmatic approach...
>> _______________________________________________
>> Chat mailing list
>> Chat at lists.lrug.org
>> http://lists.lrug.org/listinfo.cgi/chat-lrug.org
>>
>
>
>
> --
> Riccardo Tacconi
> Ruby on Rails and PHP development - System Administration
> VIRTUELOGIC LIMITED
>
> http://github.com/rtacconi
> http://riccardotacconi.blogspot.com
> http://twitter.com/rtacconi
>
> _______________________________________________
> Chat mailing list
> Chat at lists.lrug.org
> http://lists.lrug.org/listinfo.cgi/chat-lrug.org
>
>
> _______________________________________________
> Chat mailing list
> Chat at lists.lrug.org
> http://lists.lrug.org/listinfo.cgi/chat-lrug.org
>
>


-- 
Riccardo Tacconi
Ruby on Rails and PHP development - System Administration
VIRTUELOGIC LIMITED

http://github.com/rtacconi
http://riccardotacconi.blogspot.com
http://twitter.com/rtacconi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lrug.org/pipermail/chat-lrug.org/attachments/20120322/aa4fc4d2/attachment-0003.html>


More information about the Chat mailing list