Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

PCI compliant offline payment processing

Posted on 2013-05-28
3
Medium Priority
?
357 Views
Last Modified: 2013-08-15
I have a customer who insists on processing payments via the local POS system, and refuses to get an online merchant account to be able to process payments online. What services are available, that are pci compliant, to store customer payment details and to access it securely ?
0
Comment
Question by:shadow2007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 54

Accepted Solution

by:
Scott Fell,  EE MVE earned 2000 total points
ID: 39201504
The only way you can accept credit card numbers and store them on your server to process manually would be almost never.  Or maybe if you had the same PCI certification as a payment gateway could you at least store numbers on your own server.  But I bet it would break the compliance by manually looking at the numbers and keying them in.  I think the costs associated with that type of certification would be in the near 6 figures.

You can usepaypal? and get an email that the payment was processed.

Otherwise, all you can do is make the form they want (or refuse to) and let them know they should check with their lawyer before doing this as there could be 5 figure fines per occurrence - but they should check with their lawyer - just be their developer.
0
 
LVL 53

Expert Comment

by:COBOLdinosaur
ID: 39201626
You need to either walk away or insist on the requirement be detailed in writing, and also make your objections known in writing so you don't end up tainted by such stupidity.

Cd&
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 39201762
We might want to have a little more information about the client and the existing payment process.  Without all the details, I can't really recommend SquareUp or something like that.  So I am inclined to agree with COBOLdinosaur and padas.  Sometimes it's wisest to fire an unreasonable client and look for other work elsewhere.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Australian government abolished Visa 457 earlier this April and this article describes how this decision might affect Australian IT scene and IT experts.
There are times when I have encountered the need to decompress a response from a PHP request. This is how it's done, but you must have control of the request and you can set the Accept-Encoding header.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question