Quote:
Originally Posted by xplorer
Hi folks,
I know that PCI-DSS compliance is very important for many X-Cart users, so, I would like to announce our plans towards making X-Cart stores PCI-DSS compliant:
1. We release X-Cart 4.3
2. We develop a payment module for X-Cart 4.3 and X-Cart 5.0 and verify it by a PA-QSA; probably, the source code of the module will be encrypted with Zend/ionCube
3. X-Cart users disable its credit card processing functions (so, X-Cart becomes not a subject for PCI-DSS) and install the PA-DSS verified payment module that handles all the credit card stuff; we will distribute the module among existing X-Cart users for free
4. The payment module will be implemented in such a way that allows its use with X-Cart 4.1.x and 4.2.x (with moderate customization of X-Cart source code).
5. Third-parties developing integration modules for payment gateways, not supported by the verified payment module out of the box, will have to complete a PA-DSS audit themselves (that costs dozens of thousands USD annually) if the chosen gateway integration method is a subject for PCI-DSS rules.
Best regards,
|
What's the current status on the PA-DSS certified Authorize.net AIM payment module? Do you think it will be ready soon? You said in the thread that it should be ready in the next month or so?