Insight into how you can minimize and manage PCI compliance risk

Hacking Online Payment Forms

Posted on October 13, 2016 Miki Rezentes
One of the most important, if not unsettling, principles in security is that there is no such thing as absolute security. It's possible to bypass any and all security measures given enough time and resources. Look no further than the Snowden revelations. This exposed the degree to which a variety of
Click to Read Full Article

RevolutionParts and Spreedly

Posted on April 18, 2016 Justin Benson
One of our customers, RevolutionParts, has a nice post on migrating to Spreedly. Many of our customers are implementing a new payments service. RevolutionParts were different in that they were already with another provider and needing to make a change. You can read the post over at their site i
Click to Read Full Article

Marketplaces and Stripe Connect: Does one size fit all?

Posted on November 10, 2015 Justin Benson
The shift from desktop/web to mobile/app is creating new opportunities for commerce. Everything from the way we book travel to have our groceries delivered is up for grabs as commerce moves to mobile. When building an app or service that connects suppliers and consumers you quickly run into the iss
Click to Read Full Article

Spreedly Express: The Easiest Way to Collect Credit Cards

Posted on August 13, 2015 Miki Rezentes
Merchants using Spreedly to process payments currently have several options when it comes to collecting credit card data. If you are already heavily in PCI scope and want to manage the addition of cards yourself you can use the direct API. If you want to limit your PCI scope under PCI-DSS v3.0 wit
Click to Read Full Article

Mobile, Marketplaces and Platforms

Posted on May 19, 2015 Justin Benson
The transition from web to mobile includes a consumer behavioral change of using mobile apps instead of a web browser. This transition is changing the way commerce happens online, since consumers are less likely to enter their CC data into a mobile app due to the form factor. Further, redirecting
Click to Read Full Article

Using an iFrame Payment Form with Spreedly

Posted on January 5, 2015 Ryan Daigle
PCI-DSS v3.0, which went into effect on January 1st of this year, mandates the use of an iFrame-based payment form for merchants wishing to minimize PCI compliance scope (defined as the ability to self-assess using the SAQ A questionnaire instead of the more onerous SAQ A-EP). We previously wrote ab
Click to Read Full Article

PCI DSS 3.0 for Online Merchants

Posted on December 18, 2014 Ryan Daigle
Nothing strikes fear in the heart of online merchants quite like PCI DSS – the set of “technical and operational requirements designed to protect cardholder data” put forth by the credit card networks (Visa, MasterCard, etc…). If you accept credit cards online, even if you’re not storing o
Click to Read Full Article

Sign up for blog post updates

Get notified about new Spreedly articles on PCI compliance, gateways, & more.