- From: rektide <notifications@github.com>
- Date: Tue, 12 Dec 2017 04:15:11 +0000 (UTC)
- To: w3c/payment-request <payment-request@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 12 December 2017 04:15:38 UTC
Thanks for the replies. I'm going to leave this issue open for a day or two while I process this information. At first blush these seem reasonable. @ianbjacobs To be clear, it's capitally important to me to make it well beyond PCI-DSS. Even looking at much laxer SAQ A-EP (sorry I typo'd A-EF in my original post), there's still a huge amount of change-control & systems-modelling that PCI SAQ A-EP demands that is very very cumbersome & incompatible with modern software development. I'm going to try to understand these proposals in this context. I am however far from an expert here- I'm a dabbler that thought finally I could do payments & found out the hard way there was a lot to go- & it'd be great if others closer to this area might sounds off with their thoughts on webpayments-methods-tokenization and what PCI if any compliance it requires & why. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/payment-request/issues/660#issuecomment-350940384
Received on Tuesday, 12 December 2017 04:15:38 UTC