Re: X-Cart and PCI-DSS / PA-DSS compliance
I find this very confusing. We have a separate firewall, a web server and a database server. The Web server is scanned daily and is PCI compliant. I send the SAQ every quarter.
We use Usaepay as a gateway, and do not store card numbers or CVV data.
Do we need a separate payment server to remain PCI compliant?
Steve
__________________
Version 4.1.8 & 4.1.9
ezcheckout4.1.x
cdseolinks2
product_metatags41x
shipping_per_product41x
http://www.earthsmagic.com
|