[kulture]

Great post. I use Litecommerce and am currently considered "PCI compliant" by my merchant service provider. Or at least by the auditors they have recommended. In my opinion the only real way to get a definitive answer for YOU is to ask your card provider what YOU have to do to satisfy them.

All that said, I consider version 5 a non starter. It has already slipped from its original delivery date; there is absolutely no information as to what is in it; there is no way I would go live on it in its first year.

Litecommerce is clearly no longer supported by Qualiteam (no meantion of it in the recent paypal pro changes for 3d secure). So I am moving cart and not to XCart.

Regarding gateways, I am looking at Sagepay Server which looks like it runs from an IFrame in my chosen new cart and thus is hosted on Sagepays server BUT looks like its your site.