cancel
Showing results for 
Search instead for 
Did you mean: 

Does non-hosted SIM encrypt card data?

I am using non-hosted CIM .NET API to add credit cards. This is the one part of my app that sends cardholder data out. So my question is, does it send this data out encrypted? My site does have an SSL certificate, but I am concerned about PCI compliance. From what I understand SAC level C is what applies to my circumstance since my app doesn't store cardholder data directly, but it does transmit it only when sending it to CIM using the API they provided.

 

So again, my question is is it encrypted and am I correct in that this requires SAC C compliance? Any help would be grealy appreciated.

JeffSGA007
Member
1 ACCEPTED SOLUTION

Accepted Solutions

Connecting to a secure server--including https://secure.authorize.net/ as SIM does--includes automatically negotiating TLS.

 

This will ensure the data will be encrypted as it leaves your server for ours.

 

However, it does nothing for the data handling prior to that. So you would want to make sure your application handles the data securely at every point. Even if the data isn't storing it in a database permanently, it's presumed it would be temporarily stored in a variable before posting to us. That could be exploited by a malicious third party.

--
"Move fast and break things," out. "Move carefully and fix what you break," in.

View solution in original post

Lilith
Administrator Administrator
Administrator
1 REPLY 1

Connecting to a secure server--including https://secure.authorize.net/ as SIM does--includes automatically negotiating TLS.

 

This will ensure the data will be encrypted as it leaves your server for ours.

 

However, it does nothing for the data handling prior to that. So you would want to make sure your application handles the data securely at every point. Even if the data isn't storing it in a database permanently, it's presumed it would be temporarily stored in a variable before posting to us. That could be exploited by a malicious third party.

--
"Move fast and break things," out. "Move carefully and fix what you break," in.
Lilith
Administrator Administrator
Administrator