Hey all, quick question. If I'm using the CreditCardPaymentFormWithName from django-payments then I assume this will mean I am passing card info to my server and as such would have to be PCI compliant?
if you send it to your backend server then yes, you need to pass PCI compliance
in such cases the script is reponsible for passing the CC details directly to the gateway and in exchange you receive a single-use nonce/token that represents a card without exposing any of its details
your backend only ever receives the nonce/token and then submits back it to the payment gateway for processing along with the amount and other transaction details