Re: X-Cart and PCI-DSS / PA-DSS compliance
Wow, a lot of information to absorb here. I've now read this whole thread (and a few others) 2 or 3 times over. Thanks to everyone for trying to clear things up for others.
I have a few questions. Thanks in advance for any answers!
I have multiple Xcart versions running from 4.0.13 to 4.2.0.
I am planning the following tasks:
1 - upgrade servers to php v5.3
2 - patch Xcarts to run on php v5.3 (do patches exist for this?)(is this something QT can do for me?)
3 - have Xpayments installed on each (I think $75/ea was posted by QT)
4 - advise and assist all Xcart users to switch to some payment gateway (preferrably not offsite)
I assume that this will make all the sites compliant, insofar as Xcart is concerned. Right?
If all this is done, will the sites still be required to have the PCI Compliancy Scanning performed quarterly? Or would that go away due to the sites no longer processing/transmitting/storing CC data?
Am I missing anything here?