View Single Post
  #24  
Old 03-16-2011, 07:55 AM
 
gravel gravel is offline
 

Senior Member
  
Join Date: Mar 2004
Posts: 156
 

Default Re: Authorize.net DPM (PA/DSS Compliant)

I think the concept behind this is the same as the Braintree Transparent Redirect:

The key thing isn't where the cc information is typed in; it's where and how information is sent. A customer's computer is completely outside of PCI scope, and they can type their cc numbers anywhere on their computer til the cows come home, with no problem. It's how and where the numbers are sent that makes the difference.

So they type it in their browser but instead of it being sent to your server, that information is sent directly to the gateway (Braintree / Authorize.net). Your hosting server never sees it.
__________________
X-Cart version 4.0.17
X-Cart version 4.0.18
Web servers = Apache
OS = Linux
Reply With Quote