03-17-2015 07:28 AM
I realize that this has been asked in older posts, but I am in need of updated information and some clarification on on a couple of items I have seen.
I have a winforms application that is capturing CC data in an offline mode (i.e. NOT connected to the internet at the time of capture) when the business transaction occurrs (this is for an auction). Once the auction is over and all of the reconciliation has happened, the user goes online and processes the credit cards with the processor of choice. I am currently using MagTek encrypted readers at the moment, specifically for using TSYS' processing APIs. This way the CC data is completely encrypted and we don't have to worry about PCI compliancy. This all works fine and I am very happy with it.
We'd like to add Authorize.Net to our processing options, but from what I am reading, both here in the community forums and over at Authorize.Net's main dev site's docs, I would have to use the AIM method (for lack of a better term) to capture CC data and then send that over the wire to the secure web address using XML. However, I have not seen anything about using encrypted CC Data with Authorize.Net. All I have seen is that the CC data is sent over the secure line in plain text and I'd be on the hook for PCI compliancy for the storage of unencrypted data.
So the questions I need clarification on are this:
Thanks for any and all advice in advance!
03-17-2015 08:27 AM
In answer to your questions: