I've been thinking about using eWay for my payment gateway. But it offers two options: A user can either type in their credit card information on the hosted website or they can use my own form / send the data though my server to the back end. I'm leaning towards using the second option. I spoke to support team and they said I'll be PCI compliant as long as I use SSL (and I don't store any sensitive data). Does this sound good? Thank you very much.