First of all, nice work on component, I like the simplicity of it.
After initial test of component and additional payment plugin (Moneris) I was able to create test payments and all checks out. But then, I've realized if website I'm adding this payment option to handles Card Holder Data (CHD) it needs to be PCI compliant. Which makes sense to me, I don't want to be blamed for any data breach, especially when it comes to credit card data.
So, as a potential solution Hosted Payment Pages (HPP) can be used. Where you push all the forms data to payment providers and redirects payee to their system to complete transaction there. Once that is done, redirect back to website that initiated this whole process and update local database record with transaction data.
As far as I can tell, Moneris Payment Plugin does not support HPP. If using PMF, how did you handle PCI compliance?
The webiste I'm working on is on shared hosting and those will never be PCI compliant, you'll need dedicated server for that. But that means steep monthly costs for small businesses (expected annual revenue from pmf payments are less than $10,000).
