| asterisk2billing.org http://forum.asterisk2billing.org/ |
|
| Encryption for PCI compliance http://forum.asterisk2billing.org/viewtopic.php?f=18&t=4049 |
Page 1 of 1 |
| Author: | dmoskaluk [ Tue Jul 29, 2008 10:19 am ] |
| Post subject: | Encryption for PCI compliance |
As you all know that PCI compliance is here and that anyone using credit cards needs to adhere to this new standard. Although most of the information for credit card processing goes to a third party like paypal information still needs to be encrypted. Would it be possible to encrypt A2B to ensure that any customer information is encrypted? |
|
| Author: | stavros [ Tue Jul 29, 2008 11:27 am ] |
| Post subject: | Re: Encryption for PCI compliance |
dmoskaluk wrote: As you all know that PCI compliance is here Personally, this is the first I've heard of it. I'm glad to see the CC companies finally doing something about combatting identity theft, etc at its primary source.Quote: Although most of the information for credit card processing goes to a third party like paypal information still needs to be encrypted. After a quick read I'm not sure it says anything of the sort:PCI DSS Compliance Guidelines wrote: The Payment Card Industry Data Security Standard (PCI DSS) applies to every organization that processes credit or debit card information, including merchants and third-party service providers that store, process or transmit credit card/debit card data. As we don't capture or store any cardholder data, I don't believe PCI applies to A2B.Quote: Would it be possible to encrypt A2B to ensure that any customer information is encrypted? You can use LUKS to encrypt any partition. I use it as a matter of course for all partitions on my laptop. I doubt this would satisfy your obligations, if any, under the PCI DSS though.
|
|
| Page 1 of 1 | All times are UTC |
| Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group http://www.phpbb.com/ |
|