NewAtThis Posted October 2, 2015 Share Posted October 2, 2015 (edited) Bellini13: Braintree is asking me to fill out a Security Metrics PCI Compliance survey, and I've hit a snag regarding how payments are accepted by my site. I called Braintree who told me to call Security Metrics who told me to call Prestashop who told me to contact you. Can you help me with the following two true/false questions on the survey? 1) My website uses Direct Post/Transparent Re-Direct.2) I accept payments using an I-Frame from a 3rd party sourceI don't know whether either of these statements is true, so I appreciate your expertise. And if anyone else knows these answers, I'd love to hear from you, to. Thank you! My web site is at www.mythatsgood.com in case you need to see how I've implimented the Braintree module. By, the way, I had posted this earlier today in a different thread that had already been answered, but then it occurred to me that this is a different topic, so that's why I'm reposting it as a different thread. Sorry if this causes any confusion. Edited October 2, 2015 by NewAtThis (see edit history) Link to comment Share on other sites More sharing options...
bellini13 Posted October 3, 2015 Share Posted October 3, 2015 Is Dropin UI enabled or disabled Link to comment Share on other sites More sharing options...
NewAtThis Posted October 3, 2015 Author Share Posted October 3, 2015 Hi, Bellini13. I think I really messed up by posting this in a different thread. I should just posted my questions in this thread and not the other. I'm sorry for the confusion. To make things more clear, I think we should forget that the other thread even exists and just have our conversation here. To answer your question, drop-in UI is disabled. I know that drop-in UI should make PCI compliance easier, but your custom UI looks so much better than the drop-in UI! I really don't like that the drop-in UI has the PayPal button right on top of the credit card fields. I think it's confusing. Your's makes it clear that PayPal is a choice and Credit Card is a choice. That being said, do you know if your custom UI does the following two things: 1) uses Direct Post/Transparent Re-Direct?2) accepts payments using an I-Frame from a 3rd party source? Again, I'm sorry for the confusion I've caused with the double-posted question. Thanks. Steven. Link to comment Share on other sites More sharing options...
bellini13 Posted October 3, 2015 Share Posted October 3, 2015 1) uses Direct Post/Transparent Re-Direct? No, Braintree does not offer this. Below is a decent article that explains what this is. https://www.ippayments.com/direct-post-transparent-redirect-versus-iframe-for-pci-dss-scope-reduction/ 2) accepts payments using an I-Frame from a 3rd party source? No, that would be the Dropin UI Link to comment Share on other sites More sharing options...
NewAtThis Posted October 4, 2015 Author Share Posted October 4, 2015 Thank you, Bellini13! For now, I think I'll switch to the less pretty and more confusing drop-in UI. It will allow my PCE Compliance process to be easier. Thank you again! Steven. Link to comment Share on other sites More sharing options...
Recommended Posts