9

This is going to be informational, as we had a good conversation over this area on Craft Slack. And good fun trying to get around the idiotic StackExchange 'subjective' monitor to publish it here -- couldn't imagine what this wanted.

Why would you want to avoid PCI compliance on your own server? Because it's a bank-level task to get and maintain it.

See the conversation linked in the answer below, thank you.

Improve this question

1 Answer 1

Reset to default
5

The takeaway is to use api packages provided by payment providers such as Stripe and Authorize.net. The Craft Charge plugin can very much simplify and smooth doing so with Stripe.

Here's a link to a Git Gist of the conversation, as Slack erases content within a week:

https://gist.github.com/narration-sd/1a0f8308a9695f032274f36b8ea7f59c

As well, though I don't guarantee it will stay up, is an experiment with Storify to show the same thing. I'm not sure which version reads better -- maybe Storify on a mobile phone, one reason for trying it.

https://storify.com/narrationsd/pci-security

Improve this answer
1
  • 1
    Storify will no longer be available after May 16, 2018 so glad you posted the Gist version too. Commented Feb 4, 2018 at 3:31

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.