Securely Transferring Data Between Two Servers (Pci Compliancy) in PHP Coding Help Posted October 4, 2012 HI guys have a bit of a logic question. I have a client that does event registration on sites A. B. and C. and they would like to start taking payments for the registrations. Now it would be a bit outlandish to create a payment platform on each site so I'm thinking of handling all the payments on an external source say, site D. now, what i'd need to do is create some sort of API that will receive payment data and handle it accordingly (I.E. process, reject, return messages etc.). My biggest concern is A. the security of this (PCI Compliancy) and B. really differentiating between clients (site A. B. and C.) and the possibility to vastly expand in the future. My understanding is that there needs to be some sort of handshake(TLS handshake?) from one server to another. I think most importantly it's getting the information from the servers of site A. B. and C. to the server of site D. securely. On site D. I would use a payment library and framework to manage/handle the payments and return a payment status. Am I understanding this correctly? Am I missing anything? Am I completely off base and risking alot? Thanks guys... P.S. if there's any consultants out there that are very good and have experience in this field, and are from the U.S. feel free to get in touch, I do pay.