View Single Post
Old 03-16-2011, 08:09 AM
  BCSE's Avatar 
BCSE BCSE is online now

Join Date: Apr 2003
Location: Ohio -
Posts: 2,934

Default Re: DPM (PA/DSS Compliant)

Originally Posted by gravel
I think the concept behind this is the same as the Braintree Transparent Redirect:

The key thing isn't where the cc information is typed in; it's where and how information is sent. A customer's computer is completely outside of PCI scope, and they can type their cc numbers anywhere on their computer til the cows come home, with no problem. It's how and where the numbers are sent that makes the difference.

So they type it in their browser but instead of it being sent to your server, that information is sent directly to the gateway (Braintree / Your hosting server never sees it.

I think Gravel explains it very well. can't say it takes you out of PA/DSS scope because they cannot comment on your other business processes which may touch/transmit CC information. This is also why we state on our site states that it
supports you to be PCI compliant including the new PA/DSS standard


Allows the store owner to complete PCI compliance with a Self Assessment Questionnaire (SAQ) A, instead of the more complex SAQ D*.

* A full assessment of a vendors specific business process is required to determine which SAQ needs to be completed to achieve PCI compliance.

So it is one step towards PCI compliance, but PCI compliance goes beyond just your payment gateway.

This is also the same as X-payments if you choose to use that route. It's just one step towards PCI compliance.

I hope this helps.

Custom Development, Custom Coding and Pre-built modules for X-cart since 2002!

We support X-cart versions 3.x through 5.x!

Home of the famous DPM & CIM Modules, Reward Points Module, Point of Sale module, Speed Booster modules and more!

Over 200 X-cart Mods available & Thousands of Customizations Since 2002 -

Please E-Mail us for questions/support!
Reply With Quote