[NSRCA-discussion] Raffle and Paypal

Derek Koopowitz derekkoopowitz at gmail.com
Tue Oct 10 07:10:05 AKDT 2017


Actually the F3A site is running on https… so EVERYTHING between the user and the website is encrypted using 256 bit encryption and everything between the F3A website and Stripe is encrypted, so no CC information is ever available to anyone that could potentially hack the server.

 

From: NSRCA-discussion <nsrca-discussion-bounces at lists.nsrca.org> on behalf of NSRCA List <nsrca-discussion at lists.nsrca.org>
Reply-To: Peter Vogel <vogel.peter at gmail.com>, NSRCA List <nsrca-discussion at lists.nsrca.org>
Date: Tuesday, October 10, 2017 at 6:38 AM
To: "atwoodm at paragon-inc.com" <atwoodm at paragon-inc.com>, NSRCA List <nsrca-discussion at lists.nsrca.org>
Subject: Re: [NSRCA-discussion] Raffle and Paypal

 

We use stripe for the raffle transactions. Stripe is fully PCI-DSS compliant and all card data is encrypted from start to finish. 

 

I recognize that our site is not on https (it should be, but that’s also a cost) but the stripe widget we instantiate on our page IS delivered from

Stripe via https and all data it sees is visible only to it via https, and never transits our site (we simply get told the transaction was successful or not). 

 

Peter+

 

Peter+

 

Get Outlook for iOS

From: NSRCA-discussion <nsrca-discussion-bounces at lists.nsrca.org> on behalf of Atwood, Mark via NSRCA-discussion <nsrca-discussion at lists.nsrca.org>
Sent: Tuesday, October 10, 2017 6:26:15 AM
To: nsrca-discussion at lists.nsrca.org
Subject: [NSRCA-discussion] Raffle and Paypal 

 

Hey All, 

 

First I want to thank those of you that have gone ahead and purchased some raffle tickets from the team site.  There’s been a little uptick since my last post and that’s appreciated.  Thank you!  We still have a long way to go and the odds of winning are still VERY good.  

 

I’ve had a few different people now ask me why we don’t accept PayPal for the raffle.  The answer is simple, it’s against PayPal’s acceptable use policy.    I spent a good portion of 2014 (prior to our trip to Switzerland in 2015) working with their compliance department to get approval to use it for the raffle.  It’s next to impossible.  Their reason is plausible… raffles can be fraught with litigation if there’s fraud, and every state in the union has their own guidelines and laws around them.  So for an organization like the NSRCA, doing “business” in all 50 states, Canada, and elsewhere, it’s a dead deal.  Short of having Price Waterhouse perform an audit on the whole process, they’re simply not interested in being involved.

 

We HAVE chosen a reliable and secure merchant service provider to handle the credit card transactions and it’s being done on a secure SSL enabled site.  I feel as good about the security as I can… But I understand given the recent Equifax hack and others that “secure” is a loose term.   Sadly that’s the world we live in.     We’re pretty low on the overall radar though, and so far less that 35 transactions for a total of approx $3000 in all.  So between obscurity, and security, I feel pretty good.

 

So if you haven’t bought yet… Please do!!  

 

Thanks again for all the support you’ve given now, and over the years, and hopefully in the years to come.  

 

-Mark

 

 

MARK ATWOOD

o.  (440) 229-2502

c.  (216) 316-2489

e.  atwoodm at paragon-inc.com

 

Paragon Consulting, Inc.

5900 Landerbrook Drive, Suite 205, Cleveland Ohio, 44124

www.paragon-inc.com

 

Powering The Digital Experience

 

_______________________________________________ NSRCA-discussion mailing list NSRCA-discussion at lists.nsrca.org http://lists.nsrca.org/mailman/listinfo/nsrca-discussion

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nsrca.org/pipermail/nsrca-discussion/attachments/20171010/cdab5a55/attachment.html>


More information about the NSRCA-discussion mailing list