Magento Secure Payment Bridge Now Updated
What is the #1 fear that could plague the post modern eCommerce company? Data breaches! Yes, this can be prove to be devastating for an online company’s revenues, reputation, as well as financial health. The loss could cause several millions and a mass decline in profits for the target company. Hence, all merchants including those on the Magento Platform need to understand that the business risks of security breaches are now too great to ignore.
Hence, as merchants, it becomes your obligation to maintain a secure environment for processing, storing, or even transmitting your customer’s credit card data. These requirements are now outlined by the Payment Card Industry Data Security Standard (PA-DSS). Hence, following these requirements will ensure that your customers can have confidence and they are protected against the risk of data breaches. Magento’s Secure Payment Bridge is an easy and cost saving solution for those on the Magento Platform to remain PCI compliant.
This application, which comes separate from the Magento Enterprise Platform, is now updated and is capable of working with the Magento Enterprise Edition 188.8.131.52.0, 184.108.40.206, and 220.127.116.11. It includes the following improvements:
- PsiGate is now capable of handling orders with 100% discounts that cover the product price, but not the shipping charges.
- Merchants no longer receive a decline error in case a fix discount is applied to an order that is processed by the PayPal Payflow Pro Payment gateway.
- Timeout issues with WorldPlay have been resolved.
- Also, merchants ca now receive an ‘appointed; status update from PayOne, wich indicates that the payment process has been successfully initiated.
Hence, merchants who are on the Magento Enterprise Edition 18.104.22.168, 22.214.171.124, or 126.96.36.199, and are experiencing any of the issues that have been mentioned above, need to upgrade to Magento Secure Payment Bridge 188.8.131.52 as early as possible.
At the moment, there are a few options that you can choose in order to achieve PCI compliance on Magento. However, it may require some changes on how credit card processing is handled. Merchants may note that the Payment Bridge is currently now available for the community edition, but there are several options available for achieving PCI compliance on Magento as below:
- It is advisable that you use only hosted payment methods such as PayPal Express or Authorizenet SIM. This will ensure that you don’t have your software to be PCI certified. This is because you will no be storing any credit card information locally and also that you will not be processing any transaction on your server. The downside is that you will be redirected to another website, which is not really a seamless solution.
- It is advisable that you use a SaaS PCI compliant payment application such as CRE Secure – this again will put you out of ‘PCI scope’. This is because the actual credit card processing happens offsite on someone else’s servier that is already PCI certified. It works by essentially serving up the checkout page from their server and processing the transaction there.
- You also can use Magento’s Payment Bride Solution, hence you are out of “PCI scope” with Magento, and this smaller and simpler app solution is the software that needs to be compliant is available free of charge with the Enterprise and Professional Editions of Magento. However, this requires an upgrade from the Community Edition.
To conclude, you can also visit Magento’s website at http://magento.com/resources/pci to understand Magento’s secure payment bridge in detail.