Upcoming X-Cart v 4.4.6 (now renamed to 4.5.0) & PCI-DSS requirements

aasun · #**151** 04-11-2012, 11:29 AM

That just seems like such a "bait and switch" move. If we did stuff like that to our clients, we'd lose them in a heart beat. It would be different if there weren't valid alternatives to x-cart available... or, if x-cart competitors, themselves, didn't offer PCI-DSS compliant solutions out of the box. In that case, I see the strong "business decision" for x-cart to offer an "up-sell" product like X-Payments. I get that.

But, given the situation... AND the alternatives available for smaller stores, I can't imagine QT is acting in the best interest of their software customers.

I think it may be time to get interested in ... Cart.

cflsystems · #**152** 04-11-2012, 11:35 AM

Take a look at this - http://www.qtmsoft.com/xpayments.html#integrations - shopping carts section. Maybe this will answer the question - why go with separate application and not certify XC. They are aiming at the whole ecommerce market not only XC. For good or bad of XC users....

seyfin · #**153** 04-12-2012, 12:41 PM

Quote:

Originally Posted by balinor

We all pressed them to do that aasun, but they opted to go the X-Payments route instead. They have made it clear that they have no plans to make their core cart compliant, especially after spending so much money getting X-Payments validated.

When a new shopping cart version is released, or a new functionallity/customization/add-on module is added, or just some vital updates are applied like security patches, even not related to the payment processing - you will have to re-validate the whole cart application once again to meet PA-DSS.

That is the main reason of not making the X-Cart software validated, releasing a new 4.5.0 (ex 4.4.6) PCI-DSS compliant version (which has all cardholder data processing functions outsourced to an external payment system), and creating (and futher PA-DSS-validating) a special payment processing application like X-Payments.

By the way, you have a number of alternatives to X-Payments to be used as an external payment system in your e-commerce store, at different cost, as mentioned in previous posts.

cflsystems · #**154** 04-12-2012, 01:38 PM

Just out of curiosity - how other carts can have updates and be certified? I can't imagine they are released bug free and I can't imagine they release bugs fixes once or twice per year and I can't imagine them paying big bucks every 2-3 months for being certified. So somehow they have managed to be certified, release bug fixes and new versions and stay in business. I guess there has to be a way then

componentman · #**155** 04-13-2012, 07:18 PM

Quote:

Originally Posted by cflsystems

Just out of curiosity - how other carts can have updates and be certified? I can't imagine they are released bug free and I can't imagine they release bugs fixes once or twice per year and I can't imagine them paying big bucks every 2-3 months for being certified. So somehow they have managed to be certified, release bug fixes and new versions and stay in business. I guess there has to be a way then

I am wondering this too.

peterstagg · #**156** 04-16-2012, 04:03 PM

Hi Peeps

I have been away from the forum for a long time now, had to return back to Australia. I'm setting up my website with either 4.46 or 4.5. Having read this forum do I take it that I now need to have x-payments to use First Data even though all the processing is done on their site? all I do is send the value and merchant ID to them and they take all the customer details and and back an approved or declined code.

If that is the case x-payments will be needed at $1200.00 for 10 sites using the same merchant code?

Have I read this correctly?

X-cart version to be confirmed in signature..

balinor · #**157** 04-17-2012, 04:47 AM

If the credit card form is ON your site, you need X-Payments - and yes, one for each site. If your customer enters credit card data ON First Data's site, you don't need to do anything.

peterstagg · #**158** 04-17-2012, 04:55 AM

Quote:

Originally Posted by balinor

If the credit card form is ON your site, you need X-Payments - and yes, one for each site. If your customer enters credit card data ON First Data's site, you don't need to do anything.

Thanks Balinor. That works for me. it's kind of safer doing it so that the merchant has all the problems with the card handling!

Cheers

Peter

balinor · #**159** 04-17-2012, 05:53 AM

It is, just be aware that it is a proven fact that sending customers away from your site to pay will cost you a percentage of your sales. Not only is it suspicious looking to some, but every step you add to the checkout process is another opportunity for the customer to abandon the sale.

peterstagg · #**160** 04-17-2012, 06:00 AM

The site I had inthe UK seemed to have minimal abandoment, I guess because it was a known bank that did the processing. I could also set the page to look like it was part of the site as well.

I hope I can do the same with firstdata and integrate paypal and google wallet so it helps reduce abandonment