Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Good question. From the FAQ:

Do I need to worry about PCI Compliance?

Nope! By using PintPay, you never store credit card information on your servers. In fact, that information isn't stored on our servers either.

(Edited.)



You're on Linode and consider yourselves to be PCI compliant? Even though you're not storing the cards yourselves (probably using tokenization on Braintree or Authorize.net) you need to be compliant as the cards pass through your servers.


That didn't answer the question. Just because you don't store credit card information doesn't mean there aren't steps you still have to take to protect cardholder data. PCI compliance applies to both storing and transmitting cc info.


Yeah, as others have pointed out, that doesn't answer the question. I'm familiar with transparent redirects offered by Braintree and SpreedlyCore.

But Linode (mentioned in the footer) is not PCI compliant by default, so it's worth asking what they are doing since they DO touch the credit cards.


He's asking if you guys are PCI compliant.


I was very interested in your product at first, but this answer turned me off pretty quickly.

The site looks good, the service seems nice, but I'm not convinced you are PCI compliant based on the answer here and the Linode tag on your website.

I mean no offense by this comment, but payments are quite important, so I'm just pointing out what is making me feel uncertainty.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: