Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Forums2degrees (including Slingshot, Orcon, Flip, Stuff Fibre, MyRepublic, 2talk and Vocus)PCI compliance certificate and up-to-date scan

adw

adw

175 posts

Master Geek
+1 received by user: 24


#69818 13-Oct-2010 15:43
Send private message

Why is Orcon unable or unwilling to supply a PCI compliance certificate and up-to-date scan?  Despite requests we seem unable to get one which means online shops will be taken down affecting people's livelihoods/profits.

Do their servers no longer meet the secure requirements that they did when they were Iserve - this never used to be an issue and despite repeated requests for escalation we are getting no joy.

Create new topic
BartManGeek
187 posts

Master Geek


  #392076 15-Oct-2010 08:28
Send private message

Do they actually store Credit Card details on their servers?
http://www.pcicomplianceguide.org/pcifaqs.php#2
I suspect not hence no need for PCI compliance cert.




Rural Geek - Technology Solutions

"On two occasions I have been asked [by members of Parliament!], 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." -- Charles Babbage



mentalinc
3384 posts

Uber Geek
+1 received by user: 1023

Trusted

  #392081 15-Oct-2010 08:41
Send private message

"that accepts, transmits or stores any cardholder data"

No idea what BartManGeek is referring to.




CPU: AMD 5900x | RAM: GSKILL Trident Z Neo RGB F4-3600C16D-32GTZNC-32-GB | MB:  Asus X570-E | GFX: EVGA FTW3 Ultra RTX 3080Ti| Monitor: LG 27GL850-B 2560x1440

 

Quic: https://account.quic.nz/refer/473833 R473833EQKIBX 

Falconz
67 posts

Master Geek


  #392785 17-Oct-2010 10:38
Send private message

It totally depends on how you serve your payment page, we host many sites with payment pages but because we use the DPS hosted payment page we dont have to comply with any PCI stuff.


Also its not orcons duty to do that, how can they know what/how your site is storing credit card details. You should have a VISA PCI complicate account which will scan your site every few months and warn you of any compliance issues. Sometimes its free depending on how much sales you do but otherwise is ~$160us a year or something like that

Cheapest thing to do is hand off payments to DPS then redirect back to your site. 



adw

adw

175 posts

Master Geek
+1 received by user: 24


  #393169 18-Oct-2010 14:06
Send private message

That's right, it does depend on how the credit card numbers are stored. 

It is Orcon's duty if they're on-selling a secure server option (which is what Iserve were doing) and a hosting platform suitable for on-line shops, as the Iserve one was.  It's the server the information is stored on that has to be compliant, which in the process of being sorted now.

DPS isn't an option for many small traders cost wise, along with that of a merchant account.  If someone just wants to sell gift certificates for example then the DPS option just doesn't work.

nate
6473 posts

Uber Geek
+1 received by user: 458

Retired Mod
Trusted
Lifetime subscriber

  #393202 18-Oct-2010 15:34
Send private message

adw: DPS isn't an option for many small traders cost wise, along with that of a merchant account.  If someone just wants to sell gift certificates for example then the DPS option just doesn't work.


I don't understand how else you'd do it, surely you need some form of payment processor?

robbyp
1199 posts

Uber Geek
+1 received by user: 8


  #393215 18-Oct-2010 15:55

nate:
adw: DPS isn't an option for many small traders cost wise, along with that of a merchant account.  If someone just wants to sell gift certificates for example then the DPS option just doesn't work.


I don't understand how else you'd do it, surely you need some form of payment processor?



They temporarily store the CC details, to process manually, either through an eftpos terminal or form. It is similar to mail order, where someone mails you their credit card details through the post, tells you them over the phone, or faxes them to you. I haven't found their support to be partically good since it rebranded and moved it to the parent website.

 

Many websites do this, and one reason some do it, is due to shipping, as sometimes it is impossible for a store to accurately calculated shipping, as NZ post or couriers doesn't have a module that will connect to the store. I am not sure about the dps hosted payment system, and whether that allows for the amount to be adjusted after the payment has gone through (eg a delayed payment rather than realtime to allow for price adjustment)

 
 
 
 

Shop on-line at New World now for your groceries (affiliate link).
nate
6473 posts

Uber Geek
+1 received by user: 458

Retired Mod
Trusted
Lifetime subscriber

#393233 18-Oct-2010 16:30
Send private message

robbyp: They temporarily store the CC details, to process manually, either through an eftpos terminal or form. It is similar to mail order, where someone mails you their credit card details through the post, tells you them over the phone, or faxes them to you. I haven't found their support to be partically good since it rebranded and moved it to the parent website.


Ah that makes perfect sense, thanks for the explanation.

Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright