[H-GEN] Credit card security
Thu May 24 20:44:01 EDT 2001
Folks,
[ store the details ]
> Anything I have missed here or any suggestions on a better way
> to do it?
While I understand real-time online credit card processing may
not be possible in this case, you should design the system to
approximate it, ideally with this as the longer term goal.
Take the CC details (amount, number, card holder name, expiry,
check digits) and store this temporarily until it can be replaced
with a result (amount, yes/no). Do not store the CC details
beyond the validation.
If the decision is made to store the CC details beyond the
validation stage, you need to step up to new levels of paranoia.
Yours sincerely,
-- Mark John Suter | I know that you believe you understand
suter at humbug.org.au | what you think I said, but I am not sure
gpg key id F2FEBB36 | you realise that what you heard is not
mobile 0411 262 316 | what I meant. Robert J. McCloskey
More information about the General
mailing list