The debate about the security of hosted payment pages/iFrames etc has been going on for a few years. Evidence is showing that Visa's Alert in 2010 regarding securing the website as well as outsourcing the payment process was very good advice.

How do web developers build and maintain secure websites, especially when the average time between attacks on our FGX-Web Protect clients is under 5 minutes?

Every 5 minutes we are blocking a serious attack against our client websites - what hope do non-security savvy web developers have if they are not using security solutions to protect their client websites?

Read more about PCI Compliance, SAQ A and the Hacked Website.