Hello. I have a question on PCI compliance for my clients. Auth.net
recommend using the AIM connection method. They claim this is the most
secure method. However, after reading the PCI self-assessment
questionnaire (OHHH BOY), I am not so sure. Basic...
Actually, that same list is printed on many different sites. Here it is
again on this
site:http://www.focusonpci.com/site/index.php/Articles/pci-misconceptions.html.
Also, I have read the PCI standards and the SAQ. My understanding is
that what I sta...
After reading and researching, my understanding (and what I am telling
my clients) is if you use AIM and your web server/hosting is NOT PCI
compliant, you are vulnerable. Even if use an SSL to transfer the data,
that is NOT enough. To remove the requ...
Webguys2 wrote:We have talked with PCI consultants about all of this
PCI. We were using AIM but decided to switch to the SIM method to get
rid of some of the liability. The SIM is limiting for us but we are PCI
compliant now. Right! That is exactly w...
Here is a blog post with a much better (more detailed) description of my
concerns:http://skeptikal.org/2009/05/is-mass-hosting-pci-compliant-biting.html.
Mona
