[OPEN-ILS-GENERAL] Credit Card - Stripe Vs Paypal & PCI

Jason Stephenson jason at sigio.com
Tue May 9 17:14:57 EDT 2017


Josh,

Using PayPal is similar to Stripe, since the transaction is completed
via PayPal and the CC data is not stored in Evergreen.

We disabled the staff client credit card interface by commenting out the
relevant menuitem in Open-ILS/xul/staff_client/server/patron/bill2.xul.
(IANM, that relevant menuitem is on line 107.) We have not made a
similar change to the web staff client because we are not using it, yet.

HtH,
Jason

On 05/09/2017 04:48 PM, Josh Stompro wrote:
> Hello, we are currently using payflow pro, which I think means that our
> evergreen server handles the CC data and puts it in PCI scope.  From
> what I’m reading, if we switched over to using Stripe, which uses a
> javascript library client side to submit the payment, then it would take
> our server out of scope.  Does the Paypal code work the same way?
> 
>  
> 
> It looks like the tpac supports Stripe, but the web based self check
> does not.  How about the staff client/web staff client payment
> interface.  Does that support Stripe?
> 
>  
> 
> Along the same lines, is there a way to disable the staff client credit
> card interface.  We don’t want staff handling credit cards with that
> interface, since they have to type in the code and info, which I believe
> isn’t PCI compliant, but I haven’t found a setting to disable that but
> allow tpac payments.
> 
>  
> 
> Thanks
> 
> Josh
> 
>  
> 
>  
> 
> Lake Agassiz Regional Library - Moorhead MN larl.org
> 
> Josh Stompro     | Office 218.233.3757 EXT-139
> 
> LARL IT Director | Cell 218.790.2110 
> 
>  
> 


More information about the Open-ils-general mailing list