Hacker News new | comments | show | ask | jobs | submit login

If your business accepts credit card payments, you must be PCI compliant.

Most gateways are structured so that your own systems never see card information.

What means PCI compliant ?

First result on Google - but here it is anyways: http://www.pcicomplianceguide.org/pcifaqs.php#1

You don't have to be PCI compliant to use Paymill, due to our "javascript bridge" solution. In short: the payment details never touches your server, removing the PCI compliance requirement.

Any merchant that accepts credit card payments must be PCI compliant. Even if cardholder data never touches the merchant's servers, the merchant still falls under the scope of SAQ A[1].

1: https://www.pcisecuritystandards.org/documents/pci_saq_a_v2....

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact