Mobile app version of vmapp.org
Login or Join
Kaufman445

: Magento Community secure? Has anyone used the Magento Community version for a live site? http://www.magentocommerce.com/product/compare#comparison-chart I've used ubercart for a few sites and am wondering

@Kaufman445

Posted in: #Magento

Has anyone used the Magento Community version for a live site?
www.magentocommerce.com/product/compare#comparison-chart
I've used ubercart for a few sites and am wondering if the free version of Magento is workable for someone with CMS and eCommerce experience, or are there security issues?

10.03% popularity Vote Up Vote Down


Login to follow query

More posts by @Kaufman445

3 Comments

Sorted by latest first Latest Oldest Best

 

@Vandalay111

The community edition doesn't have the secure payment bridge which helps with PCI
compliance


There is a PA-DSS certified solution for Magento CE - www.magentocommerce.com/magento-connect/kuzzma/extension/4110/cdev_xpaymentsconnector
The connector module is free, but vendor asks ~0 for X-Payments


If you're using paypal primarily, then all you need is community.


Depends on what PayPal method you are going to use.
For PayPal Website Payments Pro, PayPal Website Payments Pro Payflow Edition and PayPal PayFlow Pro where a payer enters credit card info right on your web-site you are to use a PA-DSS certified software otherwise you can be fined by your bank/merchant account provider. While they do not impose these regulations strictly at the moment we see more merchants being penalized for accepting credit card directly and not using a PA-DSS compliant software.

Migration to a "web-based" payment gateway where customers go to payment gateway's secure web-form for payment is another and much more cost-effective solution in this situation. Though in some cases such distraction (i.e. moving a customer from your web-site to payment gateway web-site) may influence conversion rates negatively.

10% popularity Vote Up Vote Down


 

@Cugini213

The security in Magento is done properly, i.e. URL key for admin, MD5 for passwords, .htaccess restrictions to protect user uploaded files, an encryption key that goes with the build.

Regarding payment by credit card, you can store credit card data, however, anyone with more brain-cells than a foetus uses a payment gateway with Magento. Popular gateways are provided by all payment processors or someone has written a gateway for them.

There are thousands of Magento stores out there, taking money. Have a look at the Magento blog and their Magento-spotting feature. Take it back to before 'Professional' came out to see top brands on Magento CE.

10% popularity Vote Up Vote Down


 

@Murray432

The community edition doesn't have the secure payment bridge which helps with PCI compliance. That's the real difference between community and pro. For commercial sites that process more than a few thousand credit card transactions a year, use magento professional or magento go if it's a small business.

I don't mention enterprise because you'd already know if you needed it.

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme