Thanks to all for the help. Its much appreciatd. Scott. sent the following on 10/22/2009 8:47 AM: > Hello all, > > We are very close to finalizing our method of credit card processing > within > ofbiz and of course, PCI compliance is taking a front seat. We will be > using > authorize.net as our gateway and they several different methods with > regards > to integration. The easy thing would be to use the current supported > method > but my preference would be to not store credit card info at all. > > They are the Simple Checkout, Server Integration Method (SIM) and the > Advanced Integration Method (AIM). I believe that ofbiz natively supports > AIM. The main difference between the three is that from a PCI standpoint > the > simple and the SIM method store the credit card data on the Authorize.Net > PCI-compliant servers thus eliminate the PCI compliance for our company. > If > I am correct, the SIM method keeps your checkout pages looking the way > they > were designed and being able to use the native ofbiz to actually charge > authorizations, etc. > > Has anyone implemented this with ofbiz successfully? How much trouble will > be to modify the ofbiz payment services not to store/read any sensitive > credit card information. > > Thanks in advance for any thoughts. >
-- BJ Freeman http://www.businessesnetwork.com/automation http://bjfreeman.elance.com http://www.linkedin.com/profile?viewProfile=&key=1237480&locale=en_US&trk=tab_pro Systems Integrator. -- View this message in context: http://n4.nabble.com/Question-about-authorize-net-and-PCI-tp276274p276544.html Sent from the OFBiz - User mailing list archive at Nabble.com.
