PCI Compliance - is SSL required in the Transparent Redirect scenario?
-
30-10-2019 - |
Question
We're going to use some payment service that has a secure link where the payment form data will be posted (e.g. https://some-payment-gateway/securelink/sslpmt) Our form will contain all the required fields for the payment to be done: 1. Customer Info 2. Billing Info 3. Credit Card Info Should our form be hosted on the secure site as well? As we understand, even if our site is unsecure, e.g.: http://our-site/orderform.html If it contains the:
<form method="post" action="https://some-payment-gateway/securelink/sslpmt"> ... </form>
The form fields will be transmitted through secure connection and no data is compromised. Are we true or false?
No correct solution
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow