Dave Vroman (2/19/2013)
Using stored procedures is a requirement for PCI compliance. It is one of the requirements that slows down or stops all manner of nasties (well delineated in earlier posts). If your web site accepts credit cards, this is one of the many requirements.
I recently went through the Payment Card Industry (PCI) Data Security Standard V2.0 documents in detail and never saw anything that stated that you are required to use stored procedures.
Can you point to a specific PCI standards document that states this requirement?