MRatWork Forum by Mustafa Ramadhan

Sawo Project - Kloxo-MR Discussions => Kloxo-MR Technical Helps => Topic started by: labpros on 2014-02-07, 18:45:57

Title: node pci
Post by: labpros on 2014-02-07, 18:45:57

Hi,
Is my kloxo-mr node pci compliance? if not what do i need?

Title: Re: node pci
Post by: MRatWork on 2014-02-07, 18:52:12

I don't know 'node pci' completely, but if you can install Centos 5/6 on it and running well and it's possible Kloxo-MR running well too.

Title: Re: node pci
Post by: chrisf on 2014-02-07, 22:27:23

PCI is The Payment Card Industry Data Security Standard (PCI DSS) which is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment.  Essentially any merchant that has a Merchant ID (MID).

KloxoMR itself doesn't store such information, it wouldn't be considered as such.  It is whatever script you are using for payment processing and storage of that information.  It does have SSL and encryption.

Here is the link
https://www.pcisecuritystandards.org/security_standards/index.php (https://www.pcisecuritystandards.org/security_standards/index.php)

Title: Re: node pci
Post by: labpros on 2014-02-08, 18:22:11

I found this

Quote

Most people think that if they have a SSL certificate (i.e. there’s a lock in the browser) then they are PCI Compliant. Not true. Did you know that if you have FTP access to your website, then you are automatically disqualified from being PCI Compliant (SAQ C). Also, if your database server is on the same machine as your web server (most are), you also can’t pass the PCI test.

http://www.mijireh.com/integrations/woocommerce/