Pardon for repeating this question here, but it may not be answered as quickly if left under the other post I started. I also see some past answers but nothing recent. So, after having some random problems with PayPal Express checkout lately, my question (and hopefully easily answered) is :
If I add a Stripe payment method, using the stock cs-cart add-on (currently on cs-cart ver 4.12.2.SP2), will that keep us PCI compliant and out of scope for storing any data on our own server whatsoever?
Thank you for any thoughts from CS or anyone with experience and knowledge of PCI.
Piggy-backing to this post from some time ago…we are now again being asked for scans to our site for PCI compliance, which in the past we were not required to scan. We have no problem disclosing all details about our operation, but really don’t want to be under a higher set of compliance rules if we don’t need to be.
So, hopefully a simple question : Assuming we meet all other security protocols on site, and if we are a) using a relatively recent version of CSCart with only Stripe at checkout, and b) have compliant terminals at our physical store, should we be using use questionnaire C, CVT, or D? It seems questionnaire D is where the scans come into play, with quite a few tedious false positives to work out for compliance. Thoughts?