by karsa 5811 days ago
You will need to be PCI compliant. This can be done very cheaply if you know what you're doing and do some sysadmin yourself. The tools to complete this involve a PCI scan and SAQ wizard: http://www.pcicompliance.org.uk/

This site offers both for 198 GBP, which is a bargain.

The next thing is you NEVER store the card details on your server; instead your (merchant account) payment gateway provider will issue you a token ID, or sometimes you tell them the token ID that is used for recurring billing etc. That way you only have to verify the card details once, typically a charge of £1 or something small; then you get the token ID, store that in your DB and use it for all transactions. That way you never store card numbers and everything is posted only once across SSL.

Depending upon the features you have on your site you may find it difficult to get a merchant account and payment gateway provider to accept you.

For example, if you have any live chat features or webcams, that would raise a flag and place you in a very high-risk and potentially impossible place to get an account.

For more advice contact http://www.merchant-advise.co.uk/

Best, Steve
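The tokenization flow Steve describes above (card details go to the gateway once, the merchant keeps only an opaque token and uses it for every later charge), as an added example that is not part of the original comment. The `MockGateway` here is a constructed stand-in for a payment gateway's vault, not any real provider's API; `Merchant`, `find_pans` and `luhn_ok` are likewise names chosen for this illustration. The scan helper at the end is the check a practitioner would want: dump the merchant's own storage and confirm no Luhn-valid card number survives in it.

```python
"""Tokenized card storage demo (added example; gateway and API are constructed)."""
import re
import secrets
import string
from dataclasses import dataclass, field

# Letters only, so a mock token can never be mistaken for a digit run by the scanner.
TOKEN_ALPHABET = string.ascii_letters


def luhn_ok(digits: str) -> bool:
    """Standard Luhn checksum that card numbers satisfy."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # every second digit from the right is doubled
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


@dataclass
class MockGateway:
    """Constructed stand-in for the gateway's card vault.

    Real gateway APIs and token formats differ; this models only the shape of the
    exchange: card details in once, opaque token out, later charges by token.
    """
    _vault: dict = field(default_factory=dict)

    def tokenize(self, pan: str, expiry: str, verify_pence: int = 100) -> dict:
        """Verify the card with a small charge (here £1) and hand back a token."""
        if not luhn_ok(pan):
            raise ValueError("card number failed checksum")
        token = "tok_" + "".join(secrets.choice(TOKEN_ALPHABET) for _ in range(24))
        self._vault[token] = {"pan": pan, "expiry": expiry}  # PAN lives only here
        return {"token": token, "last4": pan[-4:], "verified_pence": verify_pence}

    def charge(self, token: str, amount_pence: int) -> dict:
        if token not in self._vault:
            raise KeyError("unknown token")
        return {"ok": True, "token": token, "amount_pence": amount_pence}


class Merchant:
    """The merchant side: persists the token and display data, never the PAN."""

    def __init__(self, gateway: MockGateway):
        self.gateway = gateway
        self.customers: dict = {}  # stands in for the merchant's own DB

    def add_card(self, customer_id: str, pan: str, expiry: str) -> str:
        resp = self.gateway.tokenize(pan, expiry)
        # Only the token and last four digits are stored; the PAN is discarded
        # as soon as this function returns.
        self.customers[customer_id] = {"token": resp["token"], "last4": resp["last4"]}
        return resp["token"]

    def bill(self, customer_id: str, amount_pence: int) -> dict:
        return self.gateway.charge(self.customers[customer_id]["token"], amount_pence)


PAN_RUN = re.compile(r"\d{13,19}")


def find_pans(text: str) -> list:
    """Audit helper: Luhn-valid 13-19 digit runs in a DB dump or log excerpt."""
    return [m.group(0) for m in PAN_RUN.finditer(text) if luhn_ok(m.group(0))]


def merchant_storage_is_clean(merchant: Merchant) -> bool:
    """True if scanning the merchant's stored records finds no card numbers."""
    return find_pans(repr(merchant.customers)) == []


def demo() -> dict:
    gw = MockGateway()
    shop = Merchant(gw)
    test_pan = "4111111111111111"  # constructed test number that passes Luhn
    token = shop.add_card("cust-42", test_pan, "12/29")
    receipt = shop.bill("cust-42", 2500)
    return {
        "token": token,
        "last4": shop.customers["cust-42"]["last4"],
        "merchant_clean": merchant_storage_is_clean(shop),
        "gateway_holds_pan": find_pans(repr(gw._vault)) == [test_pan],
        "charge_ok": receipt["ok"],
    }


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the split the comment relies on: the only place a Luhn-valid number turns up is the gateway's vault, while the merchant's records hold a token and `last4`. The same `find_pans` scan can be pointed at application logs or database exports to confirm card numbers are not leaking into them.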