Another fresh article regarding the risks to consider when implementing a fully redirected e-commerce solution. Benj Hosack writes about something the forensics team at Foregenix have seen. While it discusses a few variants that are not specifically of the SAQ A variety, it has a few relevant examples of risks.
And don’t forget about the old paypaul.ca misdirection and read: If a website uses a hosted payment page redirect, is the web server in scope for PCI DSS v3.x?
Ad below this line: