CyberSource PCI-DSS compliance

Frank Koehl's Avatar

Frank Koehl

09 Jun, 2010 06:41 PM

I recently received several emails from CyberSource informing me that they will begin requiring "PCI-DSS compliance validation" from all their vendors. I am a CyberSource client through my usage of Authorize.Net, so I assume that I am not the only CG user to get one of these alerts. From the research I've done, it looks like I can simply complete the shortened questionnaire myself, since all my processing is handled via CheddarGetter and Auth.Net's Customer Information Manager.

Is there anything specifically I should be aware of, in regards to CG's part in this equation? Just want to make sure I cross all the T's and dot all the I's...

  1. Support Staff 1 Posted by Marc Guyer on 09 Jun, 2010 06:51 PM

    Marc Guyer's Avatar

    RIght -- you should be able to complete the SAQ. There are some services out there that make it a little easier (for a fee of course). They also perform the require quarterly scans of your network. You might try https://www.trustkeeper.net or http://www.mcafeesecure.com/us/pci-intro.jsp

  2. Marc Guyer closed this discussion on 09 Jun, 2010 06:51 PM.

  3. Frank Koehl re-opened this discussion on 09 Jun, 2010 07:11 PM

  4. 2 Posted by Frank Koehl on 09 Jun, 2010 07:11 PM

    Frank Koehl's Avatar

    They also perform the require quarterly scans of your network.

    As far as I know, this doesn't apply to users of your service. They fall under SAQ A: "Card-not-present (e-commerce or mail/telephone-order) merchants, all cardholder data functions outsourced."

    This URL has the full list of SAQ categories:
    https://www.pcisecuritystandards.org/saq/instructions_dss.shtml#instructions

    Or am I reading that wrong?

  5. Support Staff 3 Posted by Marc Guyer on 09 Jun, 2010 07:52 PM

    Marc Guyer's Avatar

    Technically, since your server touches the cardholder data before it's sent to CG, not all functions are outsourced.

    We're working on a transparent redirect feature that will work around this issue but it wont be ready for a couple of months and will require some adjustment in your app.

  6. Marc Guyer closed this discussion on 09 Jun, 2010 07:52 PM.

Discussions are closed to public comments.
If you need help with Cheddar please start a new discussion.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac