Does SSL Certificate is necessary for VM2

[peaceandlove]

We are tryign to add Credite card and paypal for our website, for cc we are using this

http://extensions.virtuemart.net/payments/paypal-payments-pro-3d-secure-detail

My questions are

a) Do we require SSL Certificate or any thing else to accept credit card

b)  this product say 'ayPal also require PayPal Payments Pro merchants' websites to be PCI compliant' how can we know our website is PCI complaint and if not how to make it

[ssc3]

If the credit card form is hosted on your own server as in PayPal Pro then a
SSL certificate is required.

Otherwise use something like PayPal Express to accept credit card and paypal orders.

http://forum.virtuemart.net/index.php?topic=104184.msg346574#msg346574


PCI involves keeping your customers data secure.
This is a list of the PCI requirements

1. Install and maintain a firewall configuration to protect cardholder data
2. Do not use vendor-supplied defaults for system passwords and other
security parameters  Protect Cardholder Data
3. Protect stored cardholder data
4. Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
5. Use and regularly update anti-virus software on all systems commonly
affected by malware
6. Develop and maintain secure systems and applications  Implement Strong
Access Control Measures
7. Restrict access to cardholder data by business need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data  Regularly Monitor and Test
Networks
10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes  Maintain an Information
Security Policy
12. Maintain a policy that addresses information security