Quick Merchant/PCI compliant Q:

[ab305]

Just thought id throw the question out there before Tuesdays rolls around to call a merchant or two up.

If i setup a merchant and have the payment for on my site ex: https://secure.mydomain.com - they enter in all their cc info, click submit and its sent to the gateway to auth/charge/etc. Do I need to be PCI compliant if I go this route? or do I have to send them off the merchant/gateways payment page for them to fill in the info.

 

[7figures]

Short answer is yes, although there are different levels of PCI, most basic of them being a questionnaire / checklist you do yourself. You MAY not have to get the external testing and all that done, depends on what your gateway and merchant account people tell you. Thats assuming you arent saving their cc details on your server, and make sure their info doesnt show up in any of your log files or anything.