FoxyShop PCI DSS ??

Hello all (particularly Sparkweb, if you happen to be around here), I'm currently developing a site using FoxyShop for WordPress (my first foray into the world of e-commerce) and I can't seem to navigate the maze that is PCI DSS compliance...

My goal is to have a branded checkout/payment system (or at least, as much as is possible) where customers can get through the whole ordeal quickly/painlessly. I know this is nothing original... Anyways, let's say I want to go with PayPal/don't want customers to be required to sign up with PayPal prior to ordering/don't want quarterly security scans, compliance paperwork, the WORRY, etc/but at the same time don't want to shoot people over to some boring PayPal page--feels a bit unprofessional in my opinion :/ ...with these guidelines would Website Payments Pro/Standard be a good choice? (From my understanding PayPal WPP requires a bit of work on my end to be compliant.) What about Payflow Link? Is there a way to brand that without a bunch of yellow "Pay with PayPal!" buttons all over the place?

Secondly, I have roughly ZERO knowledge of how Authorize.net works...are people generally required to register with them before making payments through them? Would Authorize.net perhaps be a better choice for this project than Paypal's offerings?

Again, I'm using FoxyShop for WordPress to handle this store...and it would be incredible to offer customers a checkout page where they just dial in some shipping/billing info (into a lightbox-ish iframe??) and are good to go! Anything to steer me in the right direction for payment gateways would be very very very appreciated!
Comments
  • fc_adam FoxyCart Team
    Hey double knotted,

    Welcome to FoxyCart!

    So just to quickly clarify this in case it wasn't apparent to you, FoxyShop is a plugin for WordPress that allows you to easily set up a store on WordPress that integrates with FoxyCart. FoxyShop has been built and maintained by the awesome @Sparkweb, which is separate to FoxyCart - which is the actual cart/checkout/receipt system.

    PCI compliance can be a bit of an uphill climb when it comes to e-commerce, which is part of the reason why FoxyCart can be a great choice for people - we take care of the PCI burden for you! PCI DSS generally relates to the transferring and capturing of sensitive information like credit cards. As FoxyCart handles that with the payment gateway of choice on your behalf, you don't have much of a PCI issue there. Generally FoxyCart users are a SAQ A level of compliance as described on this page: http://wiki.foxycart.com/primer/security#pci_dsswhat_it_is_and_what_it_means_to_you

    When it comes to the checkout, again FoxyCart is a good choice for what you're looking for. It's really easy to create a branded checkout experience that is in line with your own website using our automagicache that securely caches your website design from a checkout template with a simple placeholder to show where the checkout fields go. See this page for more information: http://wiki.foxycart.com/static/redirect/templates

    In terms of gateways, which you choose depends on the type of experience you're after. If you want customers to be able to pay using their credit cards from your branded FoxyCart checkout page and you're from the States, Auth.Net is generally a solid choice. People don't need to sign up with Auth.net in order to be able to pay; they simply put their credit card details into your secured FoxyCart checkout page and submit the order. When they submit the order, FoxyCart securely passes that information over to the gateway to process the order, and when it receives a response it displays that to the user, either by showing an error on the checkout, or redirecting to the receipt page if it was successful. You can also allow customers to pay using PayPal if you'd like, either as a second option or the only option. Using PayPal Express would require the customer being redirected over to the PayPal branded payment page to pay; PayPal Website Payments Pro allows for credit card payments from your own branded checkout page. For a list of our gateways, take a look at http://wiki.foxycart.com/gateways/

    Hopefully that explains it for you - if you have any further questions, don't hesitate to ask!
  • sparkweb Member, Integration Developer, FoxyShop, Order Desk
    And just to add to that, if you have any questions regarding the implementation of the WordPress plugin on your website and any customizations you are trying to make, feel free to hit me up on the forum. Make sure to check out http://www.foxy-shop.com/documentation/ for docs on FoxyShop and how it works.