[ic] Transparent Redirect for IC

Grant emailgrant at gmail.com
Fri Mar 15 19:13:42 UTC 2013


>> Is anyone interested in helping put together a generic or Braintree
>> Transparent Redirect payment module for IC?  The basic idea with
>> Transparent Redirect is to post your credit card form directly to the
> payment
>> processor who then transparently redirects the user back to your site.
> This
>> means you don't have to deal with PCI Compliance at all.  I don't know of
> any
>> downside to this.
>
> If the customer is typing their sensitive info on your page that is on your
> server and under your control, you still need to be PCI compliant. Imagine
> if a hacker gets into your system and tinkers with your "credit card form"
> to sleuth the info for themselves *and also* post it to your processor so
> that no one is the wiser.

You're right.  It turns out that transparent redirect makes PCI
Compliance much simpler and easier but does not eliminate it.

- Grant



More information about the interchange-users mailing list