On 1 June 2010 15:58, Paul M Foster <paulf@xxxxxxxxxxxxxxxxx> wrote: > On Tue, Jun 01, 2010 at 09:52:54AM +0200, Peter Lind wrote: > >> Just wondering: seems there's a bit of a misunderstanding going on >> here. Are you talking about storing credit card information in a way >> such that customers can do online transactions without entering that >> information? Or are you talking about storing this information so your >> own company can fill in the details on a monthly basis? >> If 1) then the above points apply and you should not store the data, >> period. If 2) then I would assume the situation is somewhat different >> - though, not knowing the laws from the US I wouldn't really know. > > No to #1, yes to #2. > > As for #1, companies like Godaddy do store this information, so I know > it can be safely done. As I noted above: the question is not whether it can be done, the question is whether you want to be the next critter in the limelight because *you* couldn't do it. However, glad to hear you're not looking to do this. That brings up the next question though: what's this got to do with PHP? If I was to store any information like this, I certainly wouldn't code my own storage system with built-in encryption. I would rely on one of the many adequate cryptography programs available, made specifically for encrypting and storing data safely. Regards Peter -- <hype> WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind BeWelcome/Couchsurfing: Fake51 Twitter: http://twitter.com/kafe15 </hype> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
