How is 'processing credit card data' defined (PCI)?

Posted by Chris on Stack Overflow See other posts from Stack Overflow or by Chris
Published on 2010-02-26T16:26:37Z Indexed on 2010/04/14 7:13 UTC
Read the original article Hit count: 302

Filed under:

credit-card

|

processing

|

pci-dss

If i have a web application and i receive credit card data transmitted via a POST request by a web browser over HTTPS and instantly open a socket (SSL) to a remote PCI compilant card processor to forward the data and wait for a response, am i allowed to do that? or is this receiving the data with my application and forwarding it already subject of "processing credit card data"?

if i create an iframe that is displayed in a client browser to enter cc data and this iframe posts the data via HTTPS to remote card processor (directly!) is this already a case of processing credit card data? even if my application code 'doesnt touch' the entered data with any event handlers?

i'm interested in the definition "credit card data processing". when does it start to be a cc data processing application? can somebody maybe point me to that section in PCI-DSS standard that clearly defines when you start to 'be a processing application'?

Thanks,

© Stack Overflow or respective owner

Related posts about credit-card

Maximum Year in Expry Date of Credit Card

as seen on Stack Overflow - Search for 'Stack Overflow'
Various online services have different values for maximum year of expiry, when it comes to Credit Cards. For instance: Basecamp: +15 years (2025) Amazon: +20 years (2030) Paypal: +19 years (2029) What is the reasonable maximum here? Are there any official guidelines? >>> More
Thoughts on security model to store credit card details

as seen on Stack Overflow - Search for 'Stack Overflow'
Here is the model we are using to store the CC details how secure does this look? All our information is encrypted using public key encryption and the keypair is user dependent (its generated on the server and the private key is symmetric encrypted using the users password which is also Hashed on… >>> More
Credit card system implementation?

as seen on Stack Overflow - Search for 'Stack Overflow'
My site is going to have a credit system that basically works a lot like a credit card. Each user has an unlimited credit limit, but at the end of each week, they have to pay it off. For example, a user might make several purchases between March 1st and 7th, and then at the end of March 7th, they… >>> More
Create an iTunes Account without a credit card

as seen on How to geek - Search for 'How to geek'
iTunes Store offers a large variety of free content, but to download it you have to have an account. Usually you have to enter your credit card information to sign up, but here’s an easy way to get an iTunes account for free downloads without entering any payment info. Although iTunes Store is known… >>> More
Somebody is storing credit card data - how are they doing it?

as seen on Stack Overflow - Search for 'Stack Overflow'
Storing credit card information securely and legally is very difficult and should not be attempted. I have no intention of storing credit card data but I'm dying to figure out the following: My credit card info is being stored on a server some where in he tworld. This data is (hopefully) not being… >>> More

Related posts about processing

configure Squid3 proxy server on Ubuntu with caching and logging

as seen on Server Fault - Search for 'Server Fault'
I have a ubuntu 11.10 machine. Installed Squid3. When i configure the squid as http_access allow all, everything works fine. my current configuration mostly default is as follows: 2012/09/10 13:19:57| Processing Configuration File: /etc/squid3/squid.conf (depth 0) 2012/09/10 13:19:57| Processing:… >>> More
apt-get fails to upgrade, install, remove etc

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I upgraded from 11.10 to 12.04, had no issues that I noticed. Recently tried to install something via software center, but it was throwing errors. Changed to trying to sudo apt-get install instead but again no luck. I've genuinely tried as much as I know to fix this, but I can't so I figured I'd ask… >>> More
Processing a tab delimited file with shell script processing

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello, normally I would use Python/Perl for this procedure but I find myself (for political reasons) having to pull this off using a bash shell. I have a large tab delimited file that contains six columns and the second column is integers. I need to shell script a solution that would verify that… >>> More
Processing xml file VS. processing excel file from .Net

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello All, I would like to ask what should be faster: reading excel file from .Net or reading xml file which contains the same data. The same is for writing. Thank you very much in advance. mayap. >>> More
configure squid3 to set up a web proxy in ubuntu12.04

as seen on Super User - Search for 'Super User'
I am in a LAN and have to use a proxy given to access the web in a very limited way. I can't even use google, github.com or SE sites. However I can use ssh to log into a server, which I have root access so basically I can do anything I want with it. So I was thinking that maybe I could use that server… >>> More