Results 1 to 6 of 6
  1. #1
    Join Date
    Feb 2008
    Posts
    569
    Plugin Contributions
    0

    Default PCI, verified..hacker safe?

    Okay Let me explain what I have here first, Blue Host-Zen-Cart, bluehost offeres "hacker safe" ScanAlert is a full service PCI compliance program - from the world's largest web site security certification company.... I signed up for it but I dont get the "hacker safe certificate" with the subscription paid by bluehost... Through zen-cart I have linkpoint... The McAfee "hacker safe" said i need this pci in order to process credit cards on my website? And if i wanted to upgrade it would only cost $950 a year! So anyways, The reason I am looking into this I had a comply comments for my page that, how do i know its safe, etc stuff like that, I was looking into get the "Hacker Safe" Certificate or the "Verified Certificate" on my website, anyone have experience with these? Does link point offer any certificate i can post... Thanks Just starting out the store, okay with design but this stuff no so good with. Thanks!

  2. #2
    Join Date
    Aug 2005
    Location
    Arizona
    Posts
    27,755
    Plugin Contributions
    9

    Default Re: PCI, verified..hacker safe?

    PCI is a controversial subject for online shops operators.

    IMO: The only requirement stated for the transmission of CC information is that this ONLY be done using SSL(Secure Sockets Layer) encryption.

    Different rules if you STORE any data.

    This is IMO, a demon created to scare small shop owners into thinking that they must have ALL SAFEGUARDS in place as though they were storing this data like a large company might.

    That aside, You can state in your own text that your site is safe and transaction data is secure with "enter your SSL Cert provider text" or you can use the expensive services that are available and display their assurance items.

    Choice is yours

  3. #3
    Join Date
    Oct 2007
    Posts
    19
    Plugin Contributions
    0

    Default Re: PCI, verified..hacker safe?

    Quote Originally Posted by kobra View Post

    This is IMO, a demon created to scare small shop owners into thinking that they must have ALL SAFEGUARDS in place as though they were storing this data like a large company might.


    stupid scare-marketing!

    unfortunately they (hacker-safe, etc.) have a little network-effect going for them. The more sites they get "hacker-safe" on the more the sites without hacker safe look bad.

    Newbie question -
    I only offer paypal as a payment option. So as far as credit cards data goes its all processed off my site. So SSL is not necessary, right?
    Last edited by toritaiyo; 13 Jun 2008 at 06:43 PM. Reason: forgot punctuation

  4. #4
    Join Date
    Aug 2005
    Location
    Arizona
    Posts
    27,755
    Plugin Contributions
    9

    Default Re: PCI, verified..hacker safe?

    I only offer paypal as a payment option. So as far as credit cards data goes its all processed off my site. So SSL is not necessary, right?
    Don't know what you sell - but you are correct if using only IPN -

    SSL does provide a bit secure feeling to many shoppers and as cheap as it is if you lose say one sale per month or a potential customer that never returns for that reason only what have you saved??

    It does indicate l - like at login - that you/your company takes measures to protect their privacy...

  5. #5
    Join Date
    Sep 2005
    Location
    The Internets
    Posts
    190
    Plugin Contributions
    0

    Default Re: PCI, verified..hacker safe?

    This is why I like Comodo SSL certificates so much, the cert image is displayed in the lower right of every page on the site, scrolling along with the window. The customer sees the image every time. And, unlike the "hacker-safe" programs (which are highly scrutinized by the security community), SSL actually works.

    On another note, it is not hard to do a little delving into security exploits to run against your own site. That is really all these hacker-safe programs do anyway. Many scripts exist for this - anybody with some experience in Linux/*BSD or related OS's can do it.
    Make regular site and database backups!

  6. #6
    Join Date
    Oct 2007
    Posts
    19
    Plugin Contributions
    0

    Default Re: PCI, verified..hacker safe?

    good points, thanks!

    @xt0rt,
    I like your signature

 

 

Similar Threads

  1. Problerms adding my Hacker Safe logo.
    By milobloom in forum General Questions
    Replies: 3
    Last Post: 14 Sep 2007, 02:04 AM
  2. A SSL / Hacker Safe Question
    By milobloom in forum General Questions
    Replies: 13
    Last Post: 13 Sep 2007, 09:37 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg