Payment Gateway solution - any recommendations?

Forums › Off topic › Payment Gateway solution - any recommendations?

1 | 2

Kyanar

4089 posts

Uber Geek
+1 received by user: 1684

ID Verified

Trusted

#999965 6-Mar-2014 09:13

jumcc87: thanks for all of the replies and advice, really helpful! Especially being wary of where the funds are.

I did call Zippitypay however no answer, i left a msg but have not yet received a reply. I want to accept different currencies as well so perhaps kiwipay is a no go.

In regards to the SSL and PCI requirements, i was of the thought that if I use a third party service like swipe, that the customer gets taken to their secure page to enter their credit card details? Do I still need to have these on my site as well?

Thank you

You wouldn't have to, but you should anyway. Even a $10 SSL certificate from Namecheap or GoDaddy will provide the encryption necessary to protect customer data (CAs are a racket - there's no functional difference between a $10 Comodo and a $800 Symantec certificate).

hairy1

3352 posts

Uber Geek
+1 received by user: 644

ID Verified

Trusted

Lifetime subscriber

#999998 6-Mar-2014 09:54

Another one to add to the mix is paymate.co.nz

My views (except when I am looking out their windows) are not those of my employer.

adw

175 posts

Master Geek
+1 received by user: 24

#1000004 6-Mar-2014 10:02

Kyanar:
jumcc87: thanks for all of the replies and advice, really helpful! Especially being wary of where the funds are.

I did call Zippitypay however no answer, i left a msg but have not yet received a reply. I want to accept different currencies as well so perhaps kiwipay is a no go.

In regards to the SSL and PCI requirements, i was of the thought that if I use a third party service like swipe, that the customer gets taken to their secure page to enter their credit card details? Do I still need to have these on my site as well?

Thank you

You wouldn't have to, but you should anyway. Even a $10 SSL certificate from Namecheap or GoDaddy will provide the encryption necessary to protect customer data (CAs are a racket - there's no functional difference between a $10 Comodo and a $800 Symantec certificate).

Don't confuse the two though, if you're intending to store client credit card data you require a PCI compliant server - this is different to just having a SSL certificate. If you're using a payment gateway then that removes this requirement but check with them that they are using a PCI server.

Kyanar

4089 posts

Uber Geek
+1 received by user: 1684

ID Verified

Trusted

#1000025 6-Mar-2014 11:01

adw:
Kyanar:
jumcc87: thanks for all of the replies and advice, really helpful! Especially being wary of where the funds are.

I did call Zippitypay however no answer, i left a msg but have not yet received a reply. I want to accept different currencies as well so perhaps kiwipay is a no go.

In regards to the SSL and PCI requirements, i was of the thought that if I use a third party service like swipe, that the customer gets taken to their secure page to enter their credit card details? Do I still need to have these on my site as well?

Thank you

You wouldn't have to, but you should anyway. Even a $10 SSL certificate from Namecheap or GoDaddy will provide the encryption necessary to protect customer data (CAs are a racket - there's no functional difference between a $10 Comodo and a $800 Symantec certificate).

Don't confuse the two though, if you're intending to store client credit card data you require a PCI compliant server - this is different to just having a SSL certificate. If you're using a payment gateway then that removes this requirement but check with them that they are using a PCI server.

Any payment gateway WILL have a PCI-DSS Level 1 certificate, which will be available to you. The technicals of their infrastructure is unimportant (and they probably won't give it to you anyway) but they will be able to give you a copy of that certificate which you can include in your SAQ-A questionnaire (if you're required to complete one).

1 | 2