[clug] The 1st Internet Tax is here.

Daniel Pittman daniel at rimspace.net
Thu Nov 13 00:37:06 GMT 2008

Steve Walsh <steve at nerdvana.org.au> writes:
> Peter Barker wrote:
>> - if you *only* use third-party transactions (such as offered by MIGS),
>>   there shouldn't be any need to "certify". I wonder if that is the
>>   case.
> As far as I can tell, that's the case. We use MIGS for our (only ever
> manually processed) transactions, and the gateway itself is certified,
> we don't have to do anything (so far).

That is the case: when working for a client doing payment processing,
the situation was that because the credit card details were not handled
on our system we did not have any PCI obligations.

When working for a client who did hold the credit card numbers we
actually had a less pleasant situation: we had no option but the PCI
audits, which are quite a costly affair.

The fairly low monthly payment would have been comparatively nice.


More information about the linux mailing list