How do I protect the PAN when using the PayPal API from the server side? Or do I just pass it in plaintext?

Time: 2021-08-19 16:42:04

I would like to use the PayPal API to perform a payment from server side. Looking at their API https://developer.paypal.com/docs/rest/api/payments/#payment.create I will need to send the credit card number. However this is not PCI compliant. How can I protect the PAN when I pass it to PayPal?

2 answers

#1


0  

If you would like to process direct cards on your website, you will need to be PCI compliant. Look at this link.

#2


0  

Per the PCI DSS 3.1, requirement 4 details what strong cryptography and protocols should be used. Additionally, within requirement 4.1,

Sensitive information must be encrypted during transmission over public networks, because it is easy and common for a malicious individual to intercept and/or divert data while in transit.

Therefore, since all SSL and TLS 1.0 implementations are not considered secure, I would suggest encrypting the data via TLS 1.2 when it goes over the Internet by accessing the REST interface via HTTPS and ensuring that TLS 1.2 is used.
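
One way to enforce the TLS 1.2 requirement from the answer above on the client side, as an added example that is not part of the original answer or PayPal's own code. It assumes Python's standard library, a placeholder host name (`api.example.com`), and that TLS 1.2 is treated as a floor, so a newer version is accepted as well.

```python
import http.client
import ssl

# Assumed placeholder host; substitute the API host you actually call.
API_HOST = "api.example.com"

# Protocol strings (as reported by SSLSocket.version()) that the answer rules out.
REJECTED = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}


def build_context() -> ssl.SSLContext:
    """Client context that cannot negotiate anything below TLS 1.2."""
    # create_default_context() turns on certificate and hostname verification.
    ctx = ssl.create_default_context()
    # With this floor, a server offering only older protocols fails the
    # handshake instead of silently downgrading the connection.
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def version_acceptable(negotiated) -> bool:
    """True if a negotiated protocol string meets the TLS 1.2 floor."""
    return negotiated is not None and negotiated not in REJECTED


def open_verified(host: str = API_HOST, timeout: float = 10.0):
    """Connect, confirm the negotiated protocol, and return the open connection."""
    conn = http.client.HTTPSConnection(
        host, 443, timeout=timeout, context=build_context()
    )
    conn.connect()  # the TLS handshake happens here, before any card data is sent
    negotiated = conn.sock.version()
    if not version_acceptable(negotiated):
        conn.close()
        raise ssl.SSLError(f"refusing {negotiated!r} for {host}")
    return conn, negotiated


if __name__ == "__main__":
    ctx = build_context()
    print(ctx.minimum_version, ctx.verify_mode, ctx.check_hostname)
```

Calling `open_verified()` before building the payment request means the PAN is only written to a socket whose protocol version and certificate have already been checked.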
