Re: X-Cart and PCI-DSS / PA-DSS compliance
Because there's certificate involved in exactly how the process works, I'm sure SOME of it would have to be encoded just so that actions by users wouldn't circumvent the certification itself. The purpose of the certification is so that they can verify that it's secure and whatever, if it's opensource and anyone can access the code and modify it, then essentially EACH OF US would need to get re-certified that the process is still doing what it was originally designed to do.
At least, that's what I would think anyway?
|