
PCI Compliance - How to?


lukewd


I have just been granted merchant facilities by my bank and the last hurdle is that they require us to provide a PCI certificate.

 

Could anyone please let me know what needs to be done (in terms of WHMCS only) in order to be PCI compliant?

 

I do understand that PCI compliance is a process and that there will obviously be other aspects of my hosting environment that will determine my compliance. But I would simply like to know if there is anything with regards to WHMCS specifically that needs to be done, or that I should know about?

 

Many thanks,

Luke

Link to comment
Share on other sites

You could take a look here: http://www.whmcs.com/partners/mcafee-secure/

Link to comment
Share on other sites

Thanks, yes I have already found that, and this page as well: http://www.whmcs.com/features/pci-compliance/

 

However, there are several threads in the forum that suggest that WHMCS by default is not PCI compliant out of the box. It fails in the way that it sends password reset emails over insecure networks via email in plaintext. And this got me wondering whether there are other places where WHMCS falls short?

 

And also, how do we go about fixing it so it is PCI compliant?

 

Thanks

Link to comment
Share on other sites

 

However, there are several threads in the forum that suggest that WHMCS by default is not PCI compliant

 

They mean WHMCS.COM is not PCI compliant.

 

how do we go about fixing it so it is PCI compliant?

 

 

Once you make your own website PCI compliant, this will also make your own WHMCS PCI compliant.

 

We have a Comodo Instant SSL cert which comes with PCI Compliance, which is checked on a daily basis and is enough to satisfy our CC provider.

Link to comment
Share on other sites

Not quite ;)

 

WHMCS has not been through a PA-DSS which some merchant providers will require as it is the software that processes/stores information. This is separate from making your own site/server PCI compliant.

Link to comment
Share on other sites

PCI compliance has got sod all to do with the recent WHMCS hack as that was social engineering not a compromise of the software. Don't confuse the issue.

 

Phil, the trouble is that when you read through these forums, it seems that the social engineering incident is now getting the blame for everything. Some are even blaming the current slow support on it.

Link to comment
Share on other sites
