Link to home
Start Free TrialLog in
Avatar of centerforward
centerforward

asked on

Best PCI compliant payment module & processor to use for OSC 2.2 MS2?

I started an ecommerce site for a client in 2006, it's an OSC 2.2 MS2 implementation.  The project was abandoned but they'd like to launch it now with integrated credit card payment.

The staging is here:
https://www.thermprocesses.com/index.php

I've implemented SSL just recently.

My client's really own requirement currently is that they want the buyer to enter their credit card info and pay as easily as possible, *on thermprocesses.com*, without leaving the site.

I'm concerned now about OSC 2.2 MS2 being so old, and the "Payment Card Industry Data Security Standard":

How Do I Know If Oscommerce Is Built To Be Pci Compliant?
http://forums.oscommerce.com/topic/266802-how-do-i-know-if-oscommerce-is-built-to-be-pci-compliant/

Can anyone advise me of a solution for payment module + CC processor that is as many of these things as possible:

 - PCI compliant
 - integrated CC payment on the thermprocesses.com side
 - easy module to install (exact name/version and where to get it etc.?)
 - ease-of-setup
 - good rate/value

I figure I must be one of many in this situation, but there seem to be countless overlapping options with vague issues and hacks and fixes and I'm just wondering if someone with experience can recommend a known/clear route?

He has PayPal Pro, but it appears that the IPN is meant to send the visitor TO PayPal, not to collect the cc info on thermprocesses.com (and he doesn't want that).

I'm reading you're "not supposed to store the CVV" so I'm wondering if there's some processor that works with a module over SSL to get the info but not store it (very long? etc.).

I'm also curious about E-Path,
http://e-path.com.au

"One of the advantages of e-Path is your site doesn't need to be PCI DSS compliant because it does not transmit, store or process credit card data. Your site doesn't even touch credit card data."

But I don't know if that's affordable/reasonable for the scale of his store or if it would even integrate with OSC 2.2.

All advice is very much appreciated!!
Thanks,
Alan
SOLUTION
Avatar of Dave Baldwin
Dave Baldwin
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of centerforward
centerforward

ASKER

Both of these responses make total sense and are helpful thank you -----  

It may be wishful thinking but a specific scenario actually known to work with OSC 2.2 MS2 would be wonderful.  Finding modules for that isn't easy because it's not new/current.
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I should have added in my cost comparison the monthly fee.   With a low volume account, Intuit's rates are just a little bit higher, but their monthly fee is $10 per month lower.  Based on my comparisons, that puts Inuit just a little bit better.  But you can see once you go beyond that low volume, hands down Paypal will be better.
I appreciate everyone's help.  I realized I asked a broad question, and I genuinely appreciate everyone's time in communicating that information and context.  With all of this information, I will post next a more specifc request and see if anyone knows the answer ...
Final answer on this thread http:Q_28429770.html