Follow us on Twitter X-Cart on Facebook Wiki
Shopping cart software Solutions for online shops and malls

X-Cart and PCI DSS / PA-DSS compliance
 
Reply
   X-Cart forums > News and Announcements
 
Thread Tools
  #11  
Old 03-09-2009, 01:11 PM
  bigredseo's Avatar 
bigredseo bigredseo is offline
 

X-Man
  
Join Date: Oct 2002
Location: Omaha, NE, USA
Posts: 2,367
 

Default Re: X-Cart and PCI-DSS / PA-DSS compliance

Thanks for the clear up on that Ralph. It'll be interesting to see how things turn out over the next few months. Any of the PCI Compliant software that we are running currently is all encoded once the merchant stuff takes over, which is why I assumed that things would need to be encoded also.

We'll wait and see what transpires here with X-Cart.
__________________
Conor Treacy - Big Red SEO - @bigredseo
Search Engine Optimization & Internet Marketing - We Bring Your Website Out Of Hiding!
If you can't be found on Google, Bing or Yahoo, you pretty much don't exist on the Internet.
Omaha SEO Office with National & Local SEO Services
Hourly Consulting - great for SEO Disaster Recovery, Audits and DIY Guidance
Reply With Quote
  #12  
Old 03-19-2009, 06:31 PM
 
ozchris ozchris is offline
 

Senior Member
  
Join Date: Jun 2007
Posts: 100
 

Default Re: X-Cart and PCI-DSS / PA-DSS compliance

sooo, how does this match up to the thread on 4.3 http://forum.x-cart.com/showthread.php?t=45398 where it lists the payment processors that will not be supported by 4.3?

is that approach now obsolete? replaced by the new payment module?

we were using vaultx - aka globalpoint aka paycorp, in Australia, for all our xcarts and credit card processing.

does that mean we can grab the existing code from 4.1.8 for vaultx and somehow link it to the new payment module?

or is it something that xcart can be asked to do?
__________________
Linux. Apache. PHP 5.2
Site 1 - now xcart 4.4.1 DSEFU, AOM, RMA, Magnifier, Upsells. Heavy mods for Australian postcode validation and extra Aussie payment method.
Site 2 - xcart 4.1.11, DSEFU
Site 3 - xcart 4.2
Site 4 - xcart 4.3
Reply With Quote
  #13  
Old 03-20-2009, 03:05 AM
 
exsecror exsecror is offline
 

X-Wizard
  
Join Date: Apr 2007
Posts: 1,284
 

Default Re: X-Cart and PCI-DSS / PA-DSS compliance

Quote:
Originally Posted by ozchris
sooo, how does this match up to the thread on 4.3 http://forum.x-cart.com/showthread.php?t=45398 where it lists the payment processors that will not be supported by 4.3?

is that approach now obsolete? replaced by the new payment module?

we were using vaultx - aka globalpoint aka paycorp, in Australia, for all our xcarts and credit card processing.

does that mean we can grab the existing code from 4.1.8 for vaultx and somehow link it to the new payment module?

or is it something that xcart can be asked to do?

This doesn't affect payment gateways per-se, just x-cart's core cc processing logic.
Reply With Quote
  #14  
Old 03-20-2009, 07:56 AM
  JWait's Avatar 
JWait JWait is offline
 

X-Man
  
Join Date: Nov 2005
Location: California
Posts: 2,440
 

Default Re: X-Cart and PCI-DSS / PA-DSS compliance

Is there a list of payment gateways that will be supported by v5.0 anywhere? I've looked but can't find any.
__________________
Two Separate X-Cart Stores
Version 4.4.4 Gold - X-AOM - Vivid Dreams Aquamarine (modified) - Linux
Mods - Newest Products - View All -, and a few others. Numerous upgrades from 4.0.x series.
Integrated with Stone Edge Order Manager + POS

Version 4.1.12 Gold (fresh install) - X-AOM - Linux
Mods - XCSEO free
Reply With Quote
  #15  
Old 03-20-2009, 06:02 PM
 
JazzyJeff JazzyJeff is offline
 

Senior Member
  
Join Date: Aug 2006
Location: Houston, TX
Posts: 188
 

Default Re: X-Cart and PCI-DSS / PA-DSS compliance

Quote:
Originally Posted by JWait
Is there a list of payment gateways that will be supported by v5.0 anywhere? I've looked but can't find any.

I think Qualiteam is still making that decision.
__________________
X-Cart Gold ver. 4.1.9

CDSEO Pro, X-AOM, Firetank's Feed Manager and Sitemap,
Altered Cart's Smart Search and 1-Page Checkout, On Sale,
and Marketing Manager Pro

Hosting by WiredTree
Reply With Quote
  #16  
Old 03-21-2009, 04:44 AM
  JWait's Avatar 
JWait JWait is offline
 

X-Man
  
Join Date: Nov 2005
Location: California
Posts: 2,440
 

Default Re: X-Cart and PCI-DSS / PA-DSS compliance

I realize they can't have a "final" list of what payment processors will be supported, but as it stands right now, there are none. I would just like to know if there are any that will definitely be supported so I can make a decision as to what processor to go with now and not have to change later.
__________________
Two Separate X-Cart Stores
Version 4.4.4 Gold - X-AOM - Vivid Dreams Aquamarine (modified) - Linux
Mods - Newest Products - View All -, and a few others. Numerous upgrades from 4.0.x series.
Integrated with Stone Edge Order Manager + POS

Version 4.1.12 Gold (fresh install) - X-AOM - Linux
Mods - XCSEO free
Reply With Quote
  #17  
Old 04-01-2009, 03:40 AM
 
cotc2001 cotc2001 is offline
 

X-Man
  
Join Date: Feb 2003
Location: Shrewsbury, UK
Posts: 2,351
 

Default Re: X-Cart and PCI-DSS / PA-DSS compliance

Just out of interest what is going to happen with older versions of x-cart i.e 4.0.x branch? is it going to be a case of if we want to be complaint then we will have no option but to upgrade (at a huge cost in the thousands because of all modifications) or is there going to be some way to have x-cart do customisations to make older branches compliant??
__________________
x-cart 4.0.5 (live and heavily modded)
Server: freebsd
Reply With Quote
  #18  
Old 04-01-2009, 04:26 AM
 
balinor balinor is offline
 

Veteran
  
Join Date: Oct 2003
Location: Connecticut, USA
Posts: 30,253
 

Default Re: X-Cart and PCI-DSS / PA-DSS compliance

No, the message at the top of the thread says it will be a payment module compatible with 4.0.x. This is what we were pushing for, and it seems they will be accommodating us instead of making everyone upgrade to v5.
__________________
Padraic Ryan
Ryan Design Studio
Professional E-Commerce Development
Reply With Quote
  #19  
Old 04-01-2009, 06:16 AM
 
cotc2001 cotc2001 is offline
 

X-Man
  
Join Date: Feb 2003
Location: Shrewsbury, UK
Posts: 2,351
 

Default Re: X-Cart and PCI-DSS / PA-DSS compliance

Quote:
1. We release X-Cart 4.3
2. We develop a payment module for X-Cart 4.3 and X-Cart 5.0 and verify it by a PA-QSA; probably, the source code of the module will be encrypted with Zend/ionCube
3. X-Cart users disable its credit card processing functions (so, X-Cart becomes not a subject for PCI-DSS) and install the PA-DSS verified payment module that handles all the credit card stuff; we will distribute the module among existing X-Cart users for free
4. The payment module will be implemented in such a way that allows its use with X-Cart 4.1.x and 4.2.x (with moderate customization of X-Cart source code).
5. Third-parties developing integration modules for payment gateways, not supported by the verified payment module out of the box, will have to complete a PA-DSS audit themselves (that costs dozens of thousands USD annually) if the chosen gateway integration method is a subject for PCI-DSS rules.
I couldn't see a mention of 4.0.x , only 4.1 onwards
__________________
x-cart 4.0.5 (live and heavily modded)
Server: freebsd
Reply With Quote
  #20  
Old 04-01-2009, 06:24 AM
 
balinor balinor is offline
 

Veteran
  
Join Date: Oct 2003
Location: Connecticut, USA
Posts: 30,253
 

Default Re: X-Cart and PCI-DSS / PA-DSS compliance

Perhaps they could clarify, I was under the impression it would be for 4.0 as well.
__________________
Padraic Ryan
Ryan Design Studio
Professional E-Commerce Development
Reply With Quote
Reply
   X-Cart forums > News and Announcements


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -8. The time now is 02:15 PM.

   

 
X-Cart forums © 2001-2018