Dan, Normally I would completely agree, its our job to find those solutions. Unfortunately, the sector that my FT job deals with is retail and many of our clients are in this bind with PCI data. Hefty fines are charged to those not in compliance. The major CC companies are taking this so seriously and the ramifications are being felt in many IT shops. Compliance failure can lead to loss o privileges to accept CCs. Its gonna force us to be more creative in how we handle the data and create the applications that allow our clients to offer ecommerce, we will have to learn some business skills to make this happen. It may mean that its becomes more contractual in dealing with third parties, where the ecommece shop effects payment on behalf of the vendors. The OP may need to help his client work out a better way to manage the transactions between the related parties by finding ways to automate the various transactions and provide gateway access... I, too, like to eat... ;-P bastien > Date: Wed, 19 Dec 2007 17:21:57 -0500> From: parasane@xxxxxxxxx> To: bastien_k@xxxxxxxxxxx> Subject: Re: Credit Card Encryption> CC: larentium@xxxxxxxxxxxx; php-db@xxxxxxxxxxxxx> > On Dec 19, 2007 4:45 PM, Bastien Koert <bastien_k@xxxxxxxxxxx> wrote:> >> > Nope, I still would not recommmend it. The only place the CC data should travel to is the payment gateway. Anything else is a security risk. Why does your client process by hand? They should be using a payment gateway.> > That's true, Bastien, but if for whatever reason it's not an> option for them, what? Tell them it's tough cookies and they're SOL?> > Our job as programmers - especially freelance - is to make things> happen as safely and securely as we can, but as a bottom line, make it> happen. I'm sure we (most of us) take the responsibility to> discourage a client from making such choices, and to educate them on> alternatives that are better for their interests, but still - at the> end of the day, we're still just code monkeys. We're expected to> build what the client needs, or else they'll find someone else to do> it for them.> > And I don't really like to go hungry. ;-)> > -- > Daniel P. Brown> [Phone Numbers Go Here!]> [They're Hidden From View!]> > If at first you don't succeed, stick to what you know best so that you> can make enough money to pay someone else to do it for you. _________________________________________________________________ Exercise your brain! Try Flexicon! http://puzzles.sympatico.msn.ca/chicktionary/index.html?icid=htmlsig
