After opinion as to need for SSL in this instance

Posted on 2014-09-01
Last Modified: 2014-09-03

I've uses SSL for years with a payment solution I wrote myself around 10 years ago that collected everything (account details, amount, pan etc) then passed to a payment provider (datacash) to complete the succeeded/fail and return

I'm now doing away with that and just collecting basic info, such as an account number (their account number with us, not the bank account number) and amount to pay, e.g. 12345678 £25.00 then passing that to an external provider (Capita) to take the card details via HTTPS and finalise etc.

Would anyone see a need to still use SSL in my basic part of the process now? I cant but just wondered what you gurus feel and why?

I'm asking as for easier PCIDSS compliance I want to move the capture part to another server but keep the SSL for the main website (logging in, checking balances etc but NOTHING to do with payments)

Question by:NeilT
    LVL 82

    Accepted Solution

    Most payment processors require you to have secured HTTPS page to post the results of the transaction to.  Some people feel that using HTTPS on any pages that submit any personal information is the right way to go.  And they feel it makes the user more confident in your process.

    My question is why would you stop using it?
    LVL 3

    Author Closing Comment

    many thanks
    LVL 82

    Expert Comment

    by:Dave Baldwin
    You're welcome.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    We've all had that page pop up telling us there is a problem with the certificate and some of us continue on anyways and others run away to a safer competing site.  But what to do when you get the error - is it your problem or theirs?  What can you …
    SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
    This video discusses moving either the default database or any database to a new volume.
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now