Reply to post: Re: PCI-DSS Compliance

DVLA denies driving licence processing site is a security 'car crash'

Jonathan 27 Silver badge

Re: PCI-DSS Compliance

It's if you store any CC data. In the theoretical event that I wrote a site that used exclusively a 3rd party to process payments I would never record any of the information locally to get around having to have PCI compliance. You can also hand off the details to a second, more secure storage system that you also write and maintain, then only that needs to be PCI compliant.

This is of course definitely a theoretical situation.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020