Quote:
|
Originally Posted by drooker
Two questions.
1. We use Authorize.net SIM payment gateway which as I understand it should be PCI compliant without using x-payments. Do I understand this correctly?
|
Authorize.net SIM is PCI compliant. It was the AIM module that wasn't, unless your site itself was compliant. But remember that customers are still looking for that lock icon during checkout, so they should be directed to https area of the cart/registration pages etc.
I went to your site and noticed that customers aren't directed to https on the cart page. Customers may still think their data isn't secure, even though it is when they are taken to AuthNet's payment page. You'll lose orders from people wanting to see a secure page when they click on their cart.
That's because customers have been trained (via industry education and browsers' detection of unsecure pages) to avoid websites that don't have the lock icon/blue-or-green url bar or whatever their browser does with secure pages.