Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Paypal Website Payments Pro vs. Standard, PCI DSS


cconlin

Recommended Posts

Hi there,

I'm trying to figure out Paypal options for a client. The Paypal website states that credit card data security is taken care of by Paypal with Website Payments Standard, but that we need to manage security if we use Website Payments Pro.

 

Does that make sense to anyone? Any suggestions - or has anyone had experience with one or the other? The reason I'll use an online merchant company to process credit card payments is so that they handle all the PCI DSS compliance and such.

 

With Payments Pro I can have my own design on the checkout pages, and it's kept on my site. With Standard, I think we are stuck with the ugly yellow Paypal buttons. I want seamless design integration, but PCI DSS is more important. Does anyone have experience managing PCI DSS on Paypal Payments Pro? is it *partially* taken care of by Paypal?

 

Also - is there an add-on that will work with OSC 2.3? All the ones I found (and all posts) seem to be 2.2 or RCA.

 

Thank you!

Cindy

Link to comment
Share on other sites

is it *partially* taken care of by Paypal?

if you are using the Website Payments Pro it's your responsibility to secure your customer CC data. The easiest way to pass the PCI DSS is to have very secure hosting (VPS or dedicated server) with good firewall protection and don't store any CVS information or completely don't store CC information.

Please read this line: Do you want to find all the answers to your questions? click here. As for contribution database it's located here!

8 people out of 10 don't bother to read installation manuals. I can recommend: if you can't read the installation manual, don't bother to install any contribution yourself.

Before installing contribution or editing/updating/deleting any files, do the full backup, it will save to you & everyone here on the forum time to fix your issues.

Any issues with oscommerce, I am here to help you.

Link to comment
Share on other sites

PayPal Standard is in a sense also integrated with your site design, its only that after the checkout confirmation page the customer is sent to PayPal to complete the payment and once completed is then sent back to your website.

 

Using PayPal Standard, the PCI compliance is taken care of by PayPal.

 

 

PayPal Pro requires you to be PCI compliant due to that the CC info is inputted and transferred through your website. But since you do not store the cc info, its not to difficult to get PCI compliant in such a case and you can find a guide from someone who have gone through it here>>

Link to comment
Share on other sites

Thank you both for your input. I will use a system that includes PCI compliance so I don't have to deal with it. It's now between Paypal Standard, Authorize.net, and Beanstream.

 

When I called the support number to chat with Paypal, I was on hold for 20 minutes and never got to talk to anyone. When I called Beanstream, someone actually answered and knew what they were talking about. No transferring me to someone else. It's service like that that will ultimately help my decision.

 

Is there anything I should know about? Like a bad experience with any of these providers?

 

Thanks again to all.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...