I've been through the wringer with this. I'll try to be brief:
1. Received Elavon letter indicating our need to be PCI Compliant.
2. Learned quickly, that as a Level 4 merchant, Elavon is a band of extortionists.
3. Paid protection money to Elavon. Our server fails tests by McAfee Secure.
4. We're on a shared server, so we're always going to be non-compliant.
5. If we handed the entering of cardholder data to Authorize.net via the SIM module, we might be OK.
6. Scoured fora for info on the SIM module, not very promising.
So, does the SIM module work? If so, shouldn't this satisfy the potential PCI Compliance issues since Authorize.net is fully PCI/DSS Compliant? I'm certain I'm not the only one with this problem. Can we throw together a SIM module where all cardholder data is entered strictly on the Authorize.net side?
Please help! I'm losing hair and trying to calm myself with soft pillows and Zamfir. Ok, no Zamfir.
Thanks
Thread: PCI and Authorize.net SIM
Results 1 to 4 of 4
-
19 Dec 2008, 08:33 AM #1
New Zenner
- Join Date
- Dec 2006
- Location
- Augusta, GA
- Posts
- 72
- Plugin Contributions
- 0
PCI and Authorize.net SIM
-
19 Dec 2008, 09:29 AM #2
Black Belt
- Join Date
- Aug 2005
- Location
- Arizona
- Posts
- 27,761
- Plugin Contributions
- 9
Re: PCI and Authorize.net SIM
Don't let them extort you, seek the certified host in the link above that starts with "C" and be happy and you can tell them to stuff it
Zen-Venom Get Bitten
-
19 Dec 2008, 06:09 PM #3
New Zenner
- Join Date
- Dec 2006
- Location
- Augusta, GA
- Posts
- 72
- Plugin Contributions
- 0
Re: PCI and Authorize.net SIM
I was afraid of that. I guess I'm being too sentimental. I've been with HostMySite.com for years and have sung their praises only to be totally left hanging when this PCI crap emerged. I think I'm trying to fit a square peg into a round hole.
I'll look through the offerings above. In the meantime, the client in question did a Google search found the first result that said PCI compliant and chose them without too much input from me. Now I'm stuck on a host with no ssh. I need ssh and despite this particular host's protestations that you can't have ssh and be PCI compliant I know they are full of it; my client doesn't, so there we'll sit.
Great.
-
19 Dec 2008, 07:04 PM #4
Totally Zenned
- Join Date
- Mar 2004
- Posts
- 16,042
- Plugin Contributions
- 5
Re: PCI and Authorize.net SIM
you can have ssh and be PCI compliant
you can be PCI compliant on shared servers,
PCI Compliance while a pain to get right the first time is not hard to maintain, however we have seen alot of hosts that are just not willing to put in the work
and a Nod of thanx to KobraZen cart PCI compliant Hosting
Similar Threads
-
v151 Switching From Authorize.net (SIM) to AUthorize.net (AIM)
By dinohaven in forum General QuestionsReplies: 1Last Post: 2 Dec 2014, 05:56 PM -
v150 Difference Between Authorize.net (SIM) and Authorize.net (AIM)
By joem83 in forum Built-in Shipping and Payment ModulesReplies: 4Last Post: 30 Aug 2012, 10:48 PM -
Authorize.net SIM and SSL ? Related?
By WiccanWitch420 in forum General QuestionsReplies: 15Last Post: 15 Sep 2010, 06:42 AM -
Having trouble with the SIM module and Authorize.net
By standnbang in forum Built-in Shipping and Payment ModulesReplies: 1Last Post: 4 Feb 2009, 09:11 AM
Bookmarks