I've been through the wringer with this. I'll try to be brief:
1. Received Elavon letter indicating our need to be PCI Compliant.
2. Learned quickly, that as a Level 4 merchant, Elavon is a band of extortionists.
3. Paid protection money to Elavon. Our server fails tests by McAfee Secure.
4. We're on a shared server, so we're always going to be non-compliant.
5. If we handed the entering of cardholder data to Authorize.net via the SIM module, we might be OK.
6. Scoured fora for info on the SIM module, not very promising.
So, does the SIM module work? If so, shouldn't this satisfy the potential PCI Compliance issues since Authorize.net is fully PCI/DSS Compliant? I'm certain I'm not the only one with this problem. Can we throw together a SIM module where all cardholder data is entered strictly on the Authorize.net side?
Please help! I'm losing hair and trying to calm myself with soft pillows and Zamfir. Ok, no Zamfir.
Thanks
Bookmarks