Jump to content

McAfee PCI Service

sgrayban

By sgrayban
in Feedback

 Share

Recommended Posts

mhaskell Junior Member

mhaskell

Posted
Posted

when i saw the partnership arrangements between whmcs and mcaffee, i asked my payment gateway if this is all that i would require to store cc info on my site. I included a link to mcaffee's process. In response, my gateway replied that this is all that is required by them. Might i suggest that everyone contact their gateway to find out what is required by them, not by the credit card companies.

0
Link to comment
Share on other sites
msaunders Senior Member

msaunders

Posted
Posted
They are lying... and scamming people. THEY ARE NOT QSA APPROVED.

 

I'll have my merchant provider come here and re-explain that McAfee is scamming you and everyone else.

 

Didn't they state that they are not QSA approved in their reply ?

 

Yes, we know that we are not an approved QSA vender. That's why we have partnered with Foundstone.
0
Link to comment
Share on other sites
thernes Senior Member

thernes

Posted
Posted

@sgreyban

I think you need to understand 2 important things here

 

1. McAfee is not lying. They are not a QSA approved and they have admitted to not being one either

2. As McAfee stated above;

If a level one scanning (QSA - scanning required to have an onsite audit by a certified security professional) is needed, McAfee has a division, or partner, we use called Foundstone: http://www.foundstone.com/us/index.asp.

 

However, if you fall within the levels 2-4 merchants category, then upon completion of the PCI Compliance service which is offered through WHMCS at the discounted rate of $99/year, you are issued a Certification of Compliance accepted by all credit card companies and all banks worldwide.

 

Basically this means that unless you are rated as a level 1 merchant (Meaning you have sales for several millions a year through your site) you will not need an onsite security audit. It is these onsite security audits that has to be performed by a QSA approved partner. If you are a level 2-4 merchant, you only need online scans, as the ones that are provided by Mcafee.

 

We have several sites and have change payment providers several times and McAfees certifications have always been approved my Visa/MC, as we are classified as a level 3 merchant.

0
Link to comment
Share on other sites
mylove4life Senior Member

mylove4life

Posted
Posted

Good post, did not know that myself...

 

 

@sgreyban

I think you need to understand 2 important things here

 

1. McAfee is not lying. They are not a QSA approved and they have admitted to not being one either

2. As McAfee stated above;

 

 

Basically this means that unless you are rated as a level 1 merchant (Meaning you have sales for several millions a year through your site) you will not need an onsite security audit. It is these onsite security audits that has to be performed by a QSA approved partner. If you are a level 2-4 merchant, you only need online scans, as the ones that are provided by Mcafee.

 

We have several sites and have change payment providers several times and McAfees certifications have always been approved my Visa/MC, as we are classified as a level 3 merchant.

0
Link to comment
Share on other sites
opt2bout Junior Member

opt2bout

Posted
Posted

Even though I am not a Level 1 merchant (I wish!!) it is important that you check with your provider to see if they accept the McAfee analysis. My merchant provider wanted to charge me for a mandatory service and then penalize me if I failed to respond to any audit/scan failures. When I provided them with my McAfee report, they refunded their charge and accepted it.

 

However, I do wish the McAfee "seal" was provided with the service as well...this you have to pay for extra, and its expensive :(

0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept