Here at Spreedly we pay a lot of attention to PCI DSS compliance. As a company that handles millions of payment transactions on behalf of our customers we are a PCI Level 1 Service Provider. And one of our core offerings is a set of solutions that securely capture and collect payment methods, helping our customers reduce their PCI scope. So, we received Verizon’s 2017 Payment Security Report with interest. The report delves into the […]
Consider the pitfalls of online payments forms and processes—it becomes a conversation about conversion rates and drop-off. It’s a conversation that’s been had before. You know, really small problems which require small adjustments that make a HUGE impact on your online checkout experience and bottom line. This begs the questions: What role does your online checkout page play in your shopping experience? Are your users excited about their purchase, and rolling full-steam ahead to the […]
If you’re an online merchant or e-commerce provider by now you know you should use an iFrame based payment form to minimize your PCI compliance burden. And, in general, you’re in luck! Since PCI DSS 3.0 is almost two years old by now, most payment gateways and payment processors have iFrame-based payment forms available for use. However, all is not rosy in the payment form landscape. Just because your gateway offers a payment form that has “iFrame” […]
On February 2nd, 2017, the Payment Card Industry Security Standards Council (PCI SSC) updated its best practices guidelines for securing e-commerce and PCI compliance. Among other things, this is notable because PCI DSS 3.0 was released back in 2013 and a lot has changed since that time; most markedly the roll out of PCI 3.2 in April of 2016. The release of PCI 3.0 introduced the SAQ A-EP – a roughly 40 page requirement compared […]
One of the most important, if not unsettling, principles in security is that there is no such thing as absolute security. It’s possible to bypass any and all security measures given enough time and resources. Look no further than the Snowden revelations. This exposed the degree to which a variety of technologies previously thought to be secure had, in fact, already been compromised. The best that any organization can do is to increase the cost […]
One of our customers, RevolutionParts, has a nice post on migrating to Spreedly. Many of our customers are implementing a new payments service. RevolutionParts were different in that they were already with another provider and needing to make a change. You can read the post over at their site if you’re interested in learning more. This would be most applicable if you sell a SaaS based service into a group of diverse merchants.
The shift from desktop/web to mobile/app is creating new opportunities for commerce. Everything from the way we book travel to have our groceries delivered is up for grabs as commerce moves to mobile. When building an app or service that connects suppliers and consumers you quickly run into the issue of collecting payments on behalf of your merchants/sellers. There are three major challenges: PCI compliance, who will act as merchant of record, and sharing/splitting revenue. Stripe […]