Brought in to debug and fix manlfunction database system. More specifically related to the scheduling, classifieds, and magazine section. This was strictly backend development with no control over designing liberties.

Worked with Brightcove’s API and wrote script that can determine internal ads from their video player and populate external ads that relate. There were many dynamic features to this that gave Marketing the ability to determine if a specific banner would fire only during the Ad clip, or to keep populated during the whole Video feed.

Alright guys, so I’m sure that many of you that have business’s and are looking to progress onto online marketing you will have to go through all kinds of rules and regulations you have probably never heard of. PCI stands for “Payment Card Industry” and DSS stands for “Data Security Standards.” So what is this? Why is it required? Is it a scam the banks came up with? Well no its not a scam, these are the security layouts that are recommended by the payment card industry. PCI includes but is not limited to Visa, Amex, Discover, and MasterCard.

So if you take credit cards online or at a physical location, you may already know about PCI DSS but not be familiarized with the background of it. So basically, You know as time goes by old tech goes out the house and new tech comes in. Humans are all about Innovation and changing, this is what makes us progress forward instead of backwards. This means that even security needs some updating. a good example of this would be if you had a million dollars in your car and people knew this. the only person guarding it is a old security official in his mid 50′s or, would you [reffer a young security officer at 25-30 years old at the peak of his experience and in great shape. I can guarantee hands down you want the best for your security. With the internet, there are a lot of issues with security. This means your little web-page can get attacked by anyone in the world.

PCI DSS on web-pages, you may be asked to fill out some SAQ forms “Self Assessment Questionnaire.” Now as an E-commerce merchant you will have to focus on one of two forms. SAQ-A or SAQ-D. The last letters determine the extensiveness of your security documentation. The higher the letter grade the longer it will be. So lets go ahead and go through what makes your life easy and what does not.

So the “D” form, this form is very extensive, your normally going to fill this form out if your e-commerce page has its own check out, and collects the credit card data on your web-page. Now I know this may be confusing, why would anyone else ever want to forward there customers to input their data on someone other persons page? Well, this is a business practice that even E-bay does. Ebay uses paypal, we all know it as the company that handles secure online payments and buys out other smaller franchises that do the same. Now If you dont forward your clients to paypal, cybersource, etc… this means that your web-page handles the security of every in individuals credit card numbers and the transmission to the bank for authorization. This would be cheaper if your a big company but more expensive if your small.

If you do handle the transmission and collecting, some of the things that may be covered is that you will have to have a SSL certificate on your web-page to ensure that your on a secure connection, you will have to encrypt every piece of transmitted data with the newest in tech standards. This is expensive for a mom and pop shop and makes it near impossible for them to move onto online business. So if your in that situation you may want to consider paying someone to take care of the security. This is not as expensive as you think. Pay-pal has this feature and it can actually be integrated with your shopping cart or any system you have. Pay-pal has the best support i have worked with, they are also one of web dev’s favorite choices in e-commerce check outs.

If you choose to let a third-party deal with your credit card data transmission its the easiest way to make sure that the credit card data is not lost and also not your problem if something does happen. When you use a third party you will be filling out SAQ-A which is roughly about 20 questions.

So whats the difference and why should i choose one over the other?

Small business’s should stick to using a third party to handle this unless they can afford to keep up with SSL certificate costs, Web devloper costs, as well as costs with a Server host that will host that data under the “Data Security Standards”

When your business is growing and going you start to branch out to a franchise, I would recommend having all the of the security done by your company that way you can give the franchisee the ability to sell online as well depending on what you are selling as a service or a product.

SAQ-A form is about 20 questions, not technical at all.

SAQ-D is about 200 questions very technical

Overall think about what you are getting your self into when you decide to open a business online, understand the risks and appropriate fees the banks and other service providers will charge. If this is something you can get past than please progress into the exciting world of E-commerce business.

-regards Tin the mater of disaster Nguyen.