DEVHIDE
Login Or Sign up

Is it PCI-compliant to serve images (securely) from not just a different subdomain, but a different domain?

303 Views Asked by At

Is it PCI-compliant to serve images (securely) from a different domain? I searched the PCI DSS 2.0 PDF and didn't find any references to it.

html security e-commerce credit-card pci-compliance
Original Q&A
2

There are 2 best solutions below

0
On BEST ANSWER

Images do not fall under PCI compliance. PCI DSS covers the storing, transmission, and processing of credit card information only. So you can serve your images from any server you like without having any PCI issues.

1
On

I take it these images are going to appear on the same page as the credit card entry form? If so as long as they are rendered over SSL, then they cannot be hijacked and additional code rendered in their place.

I would say that it would aid in your compliance to have the images served via SSL regardless of the domain due to the fact that your payment page must be presented in SSL to the end user.

Related Questions in HTML

Related Questions in SECURITY

Related Questions in E-COMMERCE

Related Questions in CREDIT-CARD

Related Questions in PCI-COMPLIANCE

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.