View Single Post
Old 03-13-2013, 3:26 PM
Jason95357 Jason95357 is offline
Senior Member
Join Date: Feb 2013
Posts: 1,136
iTrader: 5 / 100%

Just my two cents, but hosting any sort of PCI stuff and doing it correctly is a major pain (at least at the merchant level of transactions/dollars we were dealing with). Our processor didn't charge anything different to have the payment form hosted by them (as opposed to our server forwarding the results of the form to them via a back-end connection), so we went that route. Basically we have an iframe that loads from their page when they go to purchase and after the purchase the iframe is redirected back to our page. The customer doesn't know they ever left our site, but as far as PCI is concerned it is all third-party hosted (our server never sees any payment info), so the only thing we have to do for PCI is annually have a statement from the processor that they are PCI compliant and we are done.
Reply With Quote