Ask HN: PCI-DSS (level 3/4) for a one-man business?

1 points by rmedaer ↗ HN
I wonder if someone with a one-man business app already implemented a debit/credit card payment system fully compliant with PCI-DSS level 3 or 4 ?

Indeed you could integrate components/drop-in's/plugins from any platform such as Stripe or Adyen, but what if you want to keep control on the full payment flow ? Such platforms allow you to use "only" their API to process the payment under the condition that you are PCI-DSS compliant. Therefore what's the effort required to fulfill the Self-Assessment Questionnaire[^1] ?

Many thanks for your feedback.

  [^1] https://listings.pcisecuritystandards.org/documents/PCI-DSS-v3_2_1-SAQ-D_Merchant.pdf

0 comments

[ 2.4 ms ] story [ 22.0 ms ] thread

No comments yet.