cancel
Showing results for 
Search instead for 
Did you mean: 

SIM Iframe SSL

I am using the SIM method and have installed and successfully tested authorize.net

 

My site is built on Joomla 1.5 -www.sandersmd.com

I have integrated the SIM into a wrapper/IFrame so the customer never leaves the site.  Obviously there are certain issues with using an Iframe.

 

My question is, if I turn on SSL for the site, will this allow me to be secure and PCI compliant?

Are there any other issues I need to be aware of using this method?

 

sorry but this is my first SSL-Payment Gateway setup and I believe that setting up SSL on the site for those pages will make me secure and pci compliant, however I am a total noob at this.

 

Thanks in advance!

ECP
Member
1 REPLY 1

We generally don't recommend wrapping the SIM form within an iFrame on your site, but it's definitely possible and should not affect the security of the transactions.  It would definitley be recommended that you add an SSL certificate to your site if you do choose to go this route.  Without an SSL certificate, your customers will not be presented with the secure site notification within their web browser when they are using the payment form.

 

How this will affect your PCI compliance is a much harder question.  Ultimately, whether or not this has any affect will be completely up to your PCI auditor.  If they determine that this setup requires a difficult certification process, that is their choice. If you know who you will be working with for PCI certification, I'd recommend contacting them before implementing this setup.

Trevor
Administrator Administrator
Administrator