[CentOS] PCI/DSS compliance on CentOS

Sat May 26 05:45:16 UTC 2012
Ken godee <ken at perfect-image.com>

>> What "level" of PCI/DSS compliance are you going for?
>
> I have to check this with the client.   Credit card information will
> be encrypted and stored in client's own db.

Yup, this is exactly what they don't want people to do and
I believe in the future they'll strive for just a handful
of processors that will meet there criteria.

> The client will be hosting it on their own office premise (the
> physical security aspect is being handled by another vendor).
>

I'm sure I'm talking way over my head at this point.... but
this must be for a fairly large merchant (1M+ transactions yearly).

Not quite sure why one wouldn't use one of processors gateway 
facilities, there's convenient api's that would handle anything to do
with cc's and at a "small fraction" of the price to set up and maintain.