Quote:
|
Originally Posted by EN4U
Days before compliance is mandatory this all is sprung on us in all its glory. If the "TRUTH" of this was exposed months ago, myself and others I would assume would have gone elsewhere.
IMO this is a ploy that was tactically released so close to the deadline that most would be stuck to accept these terms. I for one will stand up and call it what it is, BULL****.
|
You have all reasons to be upset. The product is delayed.
Months ago, I had exactly the same amount of info on the situation as you have. A ready product and six months that were perfectly enough for QSA to finish their job.
Now I can clearly see that QSA will not finish their job by the 1st of July.
But what I can do is to make sure they are actually on this job, to make sure they complete it ASAP and to provide you with the information.
PS:
And I have TONS of reasons to be upset, too. I have a lot of my time and money invested in X-Payments. Apart from the product development, the PA DSS certification for software itself costs like fifty times more than PCI DSS QSA services for a single store.
These efforts was undermined by a low performance from QSA and I have no leverage to force them to move fast. Obviously, a contract with QSA can't have a clause that they have to certify us in a certain amount of time. They kinda need to be independent. And trust me, they are independent, at a galactic scale!
... to compliment the part of your post with reference to bovine sub-products:
I believe it was a serious mistake on my part to promise free X-Payments to our clients. That project cost us a lot of money and we're giving it away free of charge. There's not a single solution with one time fee on market that would provide PA DSS compliance at a cost measured in something other that THOUSANDS of USD.
If I'd know that there will be so few solutions that actually solve the problem and that they will charge their customers so much, I'd never promise free X-Payments. If I'd new just how much it will cost me personally to get this done, I'd never promise free X-Payments.
Nevertheless, the product is ready and my funds are already there. We will keep our promise and we'll give a free X-Payment license to all eligible clients (that means all clients who purchased X-Cart before 1st of June).
And all what we need in order to do that is the QSA approval, our work is done. I understand your concerns but the only help I can give now is to constantly bump the QSA.
We're not the ones who invented this PA/PCI DSS problem. We're one of the few who are actually solving it. I am open to feedback & criticism. But with all due respect, I will not tolerate offensive language on this forum.
Thank you.