Edward Vermillion <mailto:evermillion@xxxxxxxxxxxx> on Wednesday, May 03, 2006 4:15 PM said: > Ahhhhhh!!!!!! *thud* > > Count me in the heart attack group. So would it be a reasonable risk > if it was *your* cc # that was stolen? And do your customers *know* > that you're handling their sensitive info in this way? I.E. is there > a big red lettered notice that they see before they hit submit? > > Would *you* be willing to have your cc sitting in the db at all > times? I'd think that would be a reasonable request. Overall I think you bring up a good point but I don't think our method is unreasonable. There's risk involved in everything and I do in fact think it is a reasonable risk, even for my cc. I bought something oversees once and my cc was used to buy jewelry in another country. That was a number of years ago and I've since made numerous other purchases on the internet (without any problems). Those purchases were made on both well known and mom&pop shops around the world. I'm definitely open to suggestions on how we can minimize our customers' risk. Even moving to an online cc processor if need be. In fact I wouldn't be surprised if our current merchant account company has the ability to process cards online. But until that kind of system can be implemented what suggestions do you have for me right now? Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
