Cybersource Developer Community Cybersource Developer Community

ynermk · 09-30-2013

I know that some of the Authorize.net APIs allow for reduced PCI compliance scope, however is there any guidance anywhere indicating to what level? The PCI DSS E-commerce Guidelines released by the PCI SSC would seem to indicate that the only merchan...

ynermk · 10-08-2013

I think it will be SIM where possible and DPM in cases where product owners are concerned about the user experience. I am hoping that PCI 3.0 provides a bit more clarity regarding API solutions and possibly some more relevant SAQs.

ynermk · 10-03-2013

Not sure what would qualify as SAQ-A if you are correct - would you have to offload your entire catalog to a third-party service?Yes, that is exactly what the e-commerce guideline is saying. From page 17 of the PCI DSS e-commerce guidlines:“Many merc...

ynermk · 10-02-2013

Agreed with both solutions the merchant has zero visibility of the cardholder data. However, the merchant plays a role in ensuring that data is securely transmitted to Authorize.net. For example:a merchant is utilizing SIM ,their systems are compromi...

ynermk · 10-01-2013

Based on the guidance provided I don't see how SIM and CIM could be SAQ A. On page 17 of the e-commerce guidelines it clearly states that in a wholly outsourced e-commerce implementation "the merchant may be able to complete a SAQ A.” A wholly outsou...

Cybersource Developer Community Cybersource Developer Community

Your latest statistics

User Activity

SAQs for Authorize.net APIs

Re: SAQs for Authorize.net APIs

Re: SAQs for Authorize.net APIs

Re: SAQs for Authorize.net APIs

Re: SAQs for Authorize.net APIs