Skipper Posted December 27, 2008 Share Posted December 27, 2008 PA-DSS = Payment Application Data Security StandardAs of July 2010 the payment card industry will require payment software you use to be PA-DSS compliant. PA-DSS applies to software developers, like PrestaShop, that store, process or transmit payment cardholder data as part of an authorization or payment.I understand that this is something that principally covers US grounds, for now, but the world is getting smaller...I am doing some homework for a customer presentation early next year ... someone from the PrestaTeam feels like giving me some input on your position?Thanks, Skipper Link to comment Share on other sites More sharing options...
Damien Metzger Posted December 27, 2008 Share Posted December 27, 2008 Nothing is integrated within Prestashop, you're redirected to the bank website.Anyway, payment is done with modules, so there isn't any position to have, it depends on what you install ^^ Link to comment Share on other sites More sharing options...
DavidL Posted March 8, 2010 Share Posted March 8, 2010 I don't believe this is true. The only way you don't have to be concerned with PA-DSS is if you send your customer offsite, Paypal etc, to process the payment. So if you use Authorize or someone like that to process orders on your site the shopping cart will HAVE to be PA-DSS compliant. The cart is only one part of compliance but it is still a part.So this is a very important question that needs an answer. Will PrestaShop be compliant by July of 2010? Link to comment Share on other sites More sharing options...
Damien Metzger Posted March 9, 2010 Share Posted March 9, 2010 Every credit card payment module developped by PrestaShop bring the customer offsite.If you're using an Authorize.net payment gateway that keep your customer onsite, then the module has to be PCI-DSS compliant, but PrestaShop do not natively save anything private data like credit card numbers. Link to comment Share on other sites More sharing options...
Recommended Posts