Re: Credit Card encryption

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



At 9:52 AM +0200 6/1/10, Peter Lind wrote:
Just wondering: seems there's a bit of a misunderstanding going on
here. Are you talking about storing credit card information in a way
such that customers can do online transactions without entering that
information? Or are you talking about storing this information so your
own company can fill in the details on a monthly basis?
 If 1) then the above points apply and you should not store the data,
period. If 2) then I would assume the situation is somewhat different
- though, not knowing the laws from the US I wouldn't really know.

Regards
Peter

Peter:

Yes to the first.

I am sure there are all sorts of situations, but in most of the problematic ones I've encountered the clients want to have customers logon and have all their credit card information automatically filled into their forms for purchase. This requires that somewhere on the site all customer's data are kept in a manner that can be accessed and used -- and therein lies the problem.

Clients (mine) often think that a web site should be as safe as their brick and mortar operations and as such offer similar services -- namely having a past customer's data waiting and available for immediate purchase without having to brother the customer for it again -- like having a card file.

Unfortunately, the security aspects of the web require different thinking -- the web is not brick and mortar, which provides both concern and opportunity.

Cheers,

tedd

--
-------
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux