Re: Authorize.net DPM (PA/DSS Compliant)
Have you heard of this: http://www.prnewswire.com/news-releases/63-of-merchant-networks-contain-unencrypted-payment-card-data-in-v...18504204.html?
I really wonder a) who this program can determine compliance/non-compliance if the servers and x-cart in our case are encrypted, and b) what would the results be with this program for DMP. Does anyone have an idea? |
Re: Authorize.net DPM (PA/DSS Compliant)
The link you referenced is a tool looking for unencrypted credit card information. The best advise is not to store credit card information, encrypted or not, on your server. Using the method being referred to in this thread, Authorize.net DPM with the mod from BSCE, the credit card information is not stored on your server. It does not appear the tool you are referencing is applicable to this method. And if you do not use X-CART to store credit card info on your server (or never have), I don't think it applies in general, but you may check with the vendor to see if it is somehow doing other checks for PCI/Compliance.
--- |
Re: Authorize.net DPM (PA/DSS Compliant)
Our server move seems to have broken this add-on...anyone have any weekend quick fixes/ideas?
|
Re: Authorize.net DPM (PA/DSS Compliant)
Quote:
Drop us an email if you're still having problems. Feel free to place an urgent support ticket if something is urgent like this. Thanks, Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
Thanks, Carrie, I've just submitted the ticket!
|
Re: Authorize.net DPM (PA/DSS Compliant)
Quote:
No problem. I already replied. Thanks, Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
Just wanted to leave a positive comment about Carrie and her willingness to jump in and help solve our problem!!
|
Re: Authorize.net DPM (PA/DSS Compliant)
Glad you figured it out!
Thanks, Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
Any recommendations on what company to use to do compliance scans on your site?
|
Re: Authorize.net DPM (PA/DSS Compliant)
We use McAfee Secure:
http://www.bcsengineering.com/mcafee_secure/ There are others out there but I'm not familiar with them. We've been using these guys for over 7 years. Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
Our Holiday present to you $20 off of our Authorize.net DPM module!!
Utilize our Authorize.net DPM module with your AIM account to support you to be PCI Compliant including the new PA/DSS standard! Our Holiday present to you $20 off of our Authorize.net DPM module!! Hurry! Sale ends January 2nd! Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
So I just got x-carts newest newsletter and they reference two sites using x-cart:
Unemployed Philosophers Guild and Easy Decals Inc. When you go through the checkout process on both of these it gets to the credit card page and it is just the regular x-cart checkout without using x-payments? So does that mean they are not PCI compliant? Or are they using something that we don't know about? |
Re: Authorize.net DPM (PA/DSS Compliant)
X-Payments shows after you click on 'place order" on the checkout page so unless you tried to place orders on these sites you will not see X-Payments
|
Re: Authorize.net DPM (PA/DSS Compliant)
The merchant's bank is responsible for verification of compliance. I would advise not worrying about what other merchants or banks are doing, but to verify with the compliance officer of the bank that holds your merchant account that you are in compliance. You can send them information about the software you want to use to get their blessing (x-payments, authorize.net DPM, Barintree, etc.) They may have warned you about compliance, then asked you to self access by filling out a questionnaire. It could even be in the small print of something that you signed. They are likely going to do everything to reduce their risk, and not worry about expending extra effort to make sure you comply.
This gives you information about remaining in a state of non-compliance that could put you at risk: http://www.braintreepayments.com/blog/pci-compliance-basics-for-credit-card-secuirty When you look at someone else's site, you might not have the full picture of any discussions/agreements they have with their merchant account provider. Your best information probably comes from working with your own provider. --- |
Re: Authorize.net DPM (PA/DSS Compliant)
Carrie
I'm a new web store looking to incorporate a payment gateway using Authorize.Net. I currently have authorize.net aim account and my site is functional/products (except for the payment gateway). I deciding if I should pay your third-party module to implement DPM. When using your BCSE DPM Module on X-Cart 4.5.x... Can you clarify exactly what is needed to be done on the xcart site. My question is 1. Under XCart Admin > Settings > Payments Method. What payment method do I need to setup to be able to use DPM? Do I need to install x-payments (authorize.net aim) method and then install your module (or) use the existing Authorize.Net: SIM method and apply your module to use direct post method? Is there anything else needed on the xcart side. Thanks. Jesse |
Re: Authorize.net DPM (PA/DSS Compliant)
Quote:
Jesse, You can probably get the fastest response via support but I'll try to answer your questions here. The DPM module uses AIM credentials to communicate. DPM runs over Authorize.net AIM's protocol basically. You can in theory have SIM and DPM running at the same time. If your X-cart does not support AIM then you *can* still use the DPM. Some people get confused on that. Older versions of the DPM just use the settings from AIM, it doesn't actually use the coding in X-cart for AIM. X-payments isn't required and will not work with the DPM module. The purpose of the DPM module is to help take your shopping cart out of the scope of PCI compliance so X-payments isn't needed (it does the same thing, taking X-cart out of PCI compliance requirements by taking the CC through X-payments instead of X-cart). Most banks accept (not heard of any yet that don't) the DPM module as a viable solution to PCI compliance since X-cart no longer sees/transmits the CC number anymore. I hope that helps. Thanks, Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
Jesse,
Also our DPM module has it's own place to put the AIM credentials in, if that wasn't clear. So you can't set it up until you purchase it if you have 4.5.x since 4.5.x doesn't include AIM directly in X-cart. Thanks, Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
Hello Jon,
Do you have a PCI/DSS module for connecting with PayFlow? |
Re: Authorize.net DPM (PA/DSS Compliant)
Carrie,
I'm interested in this module for my site which is currently 4.4.5 and one of the reasons for not upgrading to 4.5.x is because it does not include (support) AIM . If i was to purchase and install your module while still running 4.4.5, will there be any issues or conflicts if and when i decide to move up to 4.5.x? Also i missed the $20 Holiday discount, is there any discount saving coupons available today or in the coming days/weeks? :) Thanks for your time. |
Re: Authorize.net DPM (PA/DSS Compliant)
Quote:
Hi Austin, I'm not sure of any discounts coming up but we do frequently put it on sale. I can drop a hint though to our marketing person and she may do that soon. This module does *not* require Authorize.net AIM to be integrated into X-cart. I'll try to make that more clear on the website. It just requires an Authorize.net AIM account. In previous versions prior to 4.5.x it just used the configuration settings in the AIM in X-cart. For 4.5.x and up it uses it's own configuration area. Let me know if you have questions on that though! Thanks, Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
Yes, i do have an Authorized.net AIM account and thanks for clarifying that AIM configuration in 4.5.x is done within your module and in Xcart for previous versions.
I will keep an eye out for future discounts for this item. Hopefully i'm not alone in this :) Thanks again. |
Re: Authorize.net DPM (PA/DSS Compliant)
Quote:
Carrie, Thank in advance for your help. Can the module be used with X-Cart 4.6 without the need for X-Payments? If so, which payment gateway do we choose in X-Cart? The only option I see for Authorize.net AIM is via X-Payments. Kevin |
Re: Authorize.net DPM (PA/DSS Compliant)
Kevin,
When you install our module into 4.6.x you should see it as an option in the Modules section. I can't remember if it shows up in the payment methods selection. I'm currently out on vacation so it would be best to email us directly if you still have technical questions. thanks! Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
Thanks Carrie. I'll do that. Enjoy the rest of your vacation.
|
Re: Authorize.net DPM (PA/DSS Compliant)
Thanks Kevin. I'm still out on vacation but wanted to check to see if my team was able to help out.
thanks, Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
Currently our Authorize.net DPM and CIM modules are on sale!
http://www.bcsengineering.com/store/onsale.php?MMCF_xfANetAug13 Hundreds of people simplify their PCI compliance using one or both of these modules on their site. PCI compliance can't be achieved by just one factor, but our modules can make it much simpler than using standard on-site payment gateways. Hurry sale ends next Tuesday, August 20! Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
When the module was installed we tested it and it appeared to work fine. In the last few days it has been giving us the error code when attempting to place an order. I am using X-Cart v4.5.4 and experiencing an "Access Denied" error when using DPM module.
|
Re: Authorize.net DPM (PA/DSS Compliant)
Hi Barry,
Did you drop us an email so we can dig into this for you? We'll probably need to look into it some. It's quite odd for it to stop working like that. Thanks Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
Barry,
I found your ticket and just replied just FYI! Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
Carrie for checking out the error quickly.
I have updated the support ticket indicating the error still exist along with FTP access. Thanks |
Re: Authorize.net DPM (PA/DSS Compliant)
Finally bought this module and updated store to 4.6.0 and it is working well on the customer end, however in the admin i can no longer "capture" payments. When clicking on the capture button the following error is displayed:
Payment module internal error: the requested action couldn't be completed I've sent an email to BCSE support, but thought it would make send to add here for anyone to chime in. Thanks. |
Re: Authorize.net DPM (PA/DSS Compliant)
Hi Austin,
Hopefully my team was able to help out. I've been pretty swamped and haven't been able to review forum posts as frequently as I'd like to. Drop us an email back to support if you still need help! Thanks, Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
Carrie,
After many hours or trying i was finally able to get it to capture, but after each capture i get the following sql error: [16-Sep-2013 23:42:55] (shop: 16-Sep-2013 18:42:55) SQL error: Site : https://www.discountcarstereo.com Remote IP : Logged as : @discountcarstereo.com SQL query : SELECT `extra` FROM `` WHERE `orderid` = '300494' LIMIT 1 Error code : 1103 Description : Incorrect table name '' Request URI: /admin/process_order.php?orderid=300494&mode=capture Backtrace: /var/www/vhosts/discountcarstereo.com/httpdocs/include/func/func.db.php:320 /var/www/vhosts/discountcarstereo.com/httpdocs/include/func/func.db.php:217 /var/www/vhosts/discountcarstereo.com/httpdocs/include/func/func.db.php:581 /var/www/vhosts/discountcarstereo.com/httpdocs/modules/BCSE_Authorizenet_DPM/func.php:285 /var/www/vhosts/discountcarstereo.com/httpdocs/modules/BCSE_Authorizenet_DPM/process_order.php:22 /var/www/vhosts/discountcarstereo.com/httpdocs/include/process_order.php:51 /var/www/vhosts/discountcarstereo.com/httpdocs/admin/process_order.php:52 any ideas? Thanks |
Re: Authorize.net DPM (PA/DSS Compliant)
Austin,
Do you have this in a ticket by chance? That's the best way to help as I can then get it to the right person. It may be a feature we need to add. Thanks, Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
Quote:
|
Re: Authorize.net DPM (PA/DSS Compliant)
Quote:
Hi Austin, I found the ticket. Looks like Gary's working with you so we can get a programmer in to your system to look at your situation. Sometimes the latest version of X-cart is a real pain to let someone else into the back end. Looks like that's what he's working with you now on. Once we are able to log in we can probably advise and/or fix. Thanks, Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
I'm having the "page not found" issue when using this module. This happens when you click the submit button on the checkout page.
Anyone else figure out a fix for this? I'm using X-Cart 4.6 |
Re: Authorize.net DPM (PA/DSS Compliant)
Please check your SSL cert including intermediate certs as well. This happens if the SSL cert isn't installed correctly. Authorize.net will refuse to return to X-cart if this is the case.
Email us though if you still have issues and we can possibly point you to how to show your host that the ssl is an issue. Thanks, Carrie |
Re: Authorize.net DPM (PA/DSS Compliant)
Quote:
Hats off to BCSE for their continued support. The programmer was given access to the back end and took care of the issue. I would like to make an observation: In Xcart 4.5.x (and prior versions) the pre-authorized order details page had a "capture" and "decline" button, however the decline button is gone in Xcart 4.6.x Is it gone because 4.6.x no longer has a built-in Authorize.net module or is it gone because your DPM does not support it? (is it available in X-payment?). This is the process one would follow in xcart prior to 4.6.x Processing a Pre-Authorized order If the order is in Pre-Authorized status, you can either capture the authorized amount or void the authorization. For PayPal, Authorize.Net, LinkPoint, Sage Pay VSP Direct or NetRegistry e-commerce orders, you can do this using the buttons below the 'Order details' field:
Declining in 4.6.x requires login to authorize.net. Any ideas? |
Re: Authorize.net DPM (PA/DSS Compliant)
Austin,
Glad we could help! Just let us know in your ticket how you want to proceed. Looks like we gave 2 options for this. One as a feature request and one as a quote (immediate need). Thanks, Carrie |
All times are GMT -8. The time now is 11:46 AM. |
Powered by vBulletin Version 3.5.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.