There are commercial carts out there that are PCI compliant (PA-DSS Certified/PCI Compliant?) and some that are not.
If I use a non-certified cart or my own custom cart, will I run into problems in the future? Or is it an unknown at this point?
I think these companies spent like 40K to get this certification (along with programming changes to meet their requirements etc).
I also understand that if you make modifications to the source code, you could potentially need to get things re-certified since you changed or potentially broke the requirements.
I was recently approved for my merchant account, and they didn't even ask me anything other than content + SSL requirements on my website (privacy policy, return policy, etc.).
Can someone clear this up for me please? I am really confused. Is this just marketing trickery by the commercial carts, or is there more to it?