eBay Checkout, Merchant Accounts and PCI Compliance - eBay Suspended & PayPal Limited Forums
eBay Suspension & PayPal Limited Forums  
Join Today
Register Subscribe
     

Registration is fast, simple and absolutely free so please, join our community today!


Go Back   Home > Stealth Topics > Auction Listing > eBay News

eBay News Do you have News About eBay? Spill it!

Reply
 
Thread Tools
  #1  
Old 05-31-2009
Junior Member
 
Join Date: Jun 2007
Posts: 210
Thanks: 0
Thanked 10 Times in 10 Posts
Activity: 0%
Longevity: 97%
iTrader: (0)
Default eBay Checkout, Merchant Accounts and PCI Compliance

Last Monday, I wrote about an issue affecting sellers with merchant credit card accounts, and in particular about a seller who had a question regarding eBay's Payflow Gateway Service. Sellers who have a credit card merchant account and wish to use eBay Checkout must use the Payflow Gateway service in order to allow buyers to enter their credit card information directly in eBay Checkout.

I asked PayPal some follow-up questions.

Is the eBay Payflow Gateway PCI compliant?

Yes. The Payflow Gateway is PCI compliant.

Will eBay Payflow work with web payments pro, and what are the consequences if not?

At this time it does not. However, eBay is working on completing the implementation.

I also wanted to get more information about the circumstances under which such a merchant would choose not to use eBay Checkout if they weren't using an authorized eBay Third Party Checkout system. This is especially timely in light of the fact that some vendors are discontinuing Third Party Checkout, including Infopia and eBay ProStores, due to upcoming changes eBay is making on June 15.

PayPal spokesperson Charlotte Hill said, "We allow buyers to enter their credit card information directly and securely in eBay checkout. This is an optional feature. Merchants can continue to have buyers email / fax / call them with CC numbers outside of eBay checkout. We recommend that they switch to the Payflow integration because it will be more convenient and secure for buyers, and faster and more efficient for sellers. But we're giving them the option."

So merchants who choose not to use eBay Checkout can instead process credit cards manually. Is that feasible for the majority of sellers who have merchant credit card accounts given the extra steps required to collect and manually process credit card numbers? I contacted the merchant who originally alerted me to the issue in Monday's article. Apparently he uses Infopia, which will no longer support eBay Third-Party Checkout as of June 15. Can this merchant take credit card numbers over the phone or via fax? "We do not have the time to process orders like that and it runs completely counter to the purpose of the Web as a commercial medium."

It's important for merchants who chose not to use a checkout system on eBay to understand the legal and PCI requirements around collecting and storing credit card information.

Bob Russo, General Manager of the PCI SSC, said, "Companies cannot store unencrypted credit card data, CVV codes, pin codes/numbers or any magnetic stripe data. The PCI DSS does not permit using email or other end user messaging technologies to transmit unencrypted cardholder data. This is outlined in requirement 4.2.

"Anywhere cardholder data is stored, transmitted or processed it must be protected by the requirements of the DSS. The DSS mandates not storing cardholder data unless critically necessary and rendering any stored account data unreadable through hashing or encryption.

"Merchants may choose to accept or process card data via fax or phone, providing it is protected upon transcription and storage in accordance with the DSS. For example requirement 9 provides a host of controls to protect access to cardholder data such as securing any paper records that may contain cardholder data."

Note that there are state and federal privacy laws that encompass the storage of unencrypted data, so even if you take phone and fax orders and not email orders (which are prohibited by PCI DSS standards, according to Russo), you must be careful about how you store that data after you process the payment! (See more information on the Better Business Bureau website.)

Last edited by aspkin; 05-31-2009 at 09:58 PM.
Reply With Quote
The complete step-by-step guide to get back to selling today!

  #2  
Old 06-01-2009
Jonas's Avatar
Senior Member
 
Join Date: Apr 2007
Posts: 1,958
Thanks: 5
Thanked 19 Times in 17 Posts
Activity: 0%
Longevity: 98%
iTrader: (0)
Default

kingbrend, did you write this yourself or is it copied from a website?

Oddly aspkin edited it for some reason, too.
Reply With Quote
  #3  
Old 06-05-2009
aspkin's Avatar
Administrator
 
Join Date: Jan 2007
Posts: 11,313
Thanks: 3,065
Thanked 4,111 Times in 1,759 Posts
Activity: 29%
Longevity: 100%
iTrader: (25)
Default

kingbrend = aspkin

And the posts in these section are automatically posted from AuctionBytes by RSS
__________________
Reply With Quote
Reply



Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Ebay automatic checkout for merchant account? Greenovni Payment Gateways 5 03-16-2009 06:40 AM
High Risk Category, Google Checkout, and Merchant Account TMiles Payment Gateways 6 12-06-2008 12:31 PM
eBay Policy Compliance Killed by Ebay eBay Discussion! 1 06-07-2008 10:57 PM
Policy compliance warning hepper65 eBay Discussion! 1 05-22-2008 03:09 PM
Merchant Account Or Google Checkout??? 2006bmr eBay Discussion! 30 10-04-2007 12:22 PM


Aspkin Group

All times are GMT -5. The time now is 01:05 PM.


Stop the guessing games and learn how you can quickly and easily get back on eBay today!
Read the best selling step-by-step eBay Suspension guide eBay Stealth!
Amazon Suspension? Read Amazon Ghost to get back on Amazon!
vBulletin® Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.
Ad Management by RedTyger
no new posts

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58