I am wondering if you are charging your customers with Credit card (not using paypal/google checkout etc.). I am wondering if you could recommend steps you have taken for compliance - please respond privately if you do not feel comfortable disclosing publicly.

As part of this response, please let us know the amount.

Thanks!!

_________________
Introduce professionals and get paid!

Whilst i would be interested to know what steps linode have taken to secure my details, im fairly confident that for security reasons there not going to divulge that ot anyway..

Likewise the amount, as that would be giving away business information.

_________________
ServerAdmin - www.our-lan.com
"Diplomacy is the art of saying nice doggy whilst looking for a really big stick"
"In my experiece, any attempt to make any system idiot proof will only challenge God to make a better idiot"

My understanding is that unless you outsource all payment processing functions (e.g. you use PayPal Website Payments Standard, and thus only need to complete PCI DSS SAQ A) you cannot be compliant at Linode--or most other standard hosting providers. Submitting your SAQ and passing a scan doesn't mean you're compliant, you just look that way on paper.

Linode itself obviously needs to be PCI compliant for its own payment processing, however this is very different from hosting customer linodes in a PCI-compliant way and assuming liability for that compliance. Just read through SAQ D to see why this is a specialized and expensive proposition. Please note that I'm not at all suggesting that Linode is anything but secure.

Sorry I digressed - This is what I would like to see. User selects the product and inputs the CC information (Similar to Linode payment screen) and acknowledgment is shown in the next screen. Thats it!

Please recommend any vendors/gateway to achieve this. And should I be PCI compliant.
Appreciate this help!

_________________
Introduce professionals and get paid!

Surely this will depend on

- whether you want to obtain a merchant account (which will depend on what you're selling, your geographical location, relative risk to your bank etc.)
- or whether you're happy with third party processors such as Worldpay, 2checkout, etc.

I.e. unless you're in the same business & physical location, recommendations may not be all that useful.