Using Authorize.NET DPM (Direct Post Method) from ASP.NET Web Forms
While thousands of custom websites with custom checkout procedures process credit cards, relatively few meet PCI compliance standards. Basically, when a credit card number TOUCHES your server, even if you do not store it, your system falls under PCI compliance guidelines which are pretty nasty. The easiest thing to do is never let a credit card number even pass through your server. Many folks use Authorize.NET’s SIM method, but it requires the credit card number passing through your server, setting you up for a likely PCI audit failure. Granted, credit card companies don’t run around auditing small online businesses, but I like doing things right and treating sensitive information with respect. Authorize.NET DPM seems like a great method. However, I found the documentation at Authorize.NET confusing, and they do not provide an ASP.NET Web Forms example of DPM. So I …
Using Authorize.NET DPM (Direct Post Method) from ASP.NET Web Forms Read more »