On Mon, 15 May 2000 12:32:14 +0100, Stewart McGowan <[EMAIL PROTECTED]>
wrote:
> I think you're over complicating your business rules; if you store the
> credit card details why do u need to access them again at the client, don't
> u just charge the card for subsequent purchases automatically?
Also to Russ Michaels...
I think you misunderstand :-) We don't need to present the details back to the user
(as Russ says, I can just show them the last four digits or something), but if the
card is to be charged again I need a way to securely store the full details, only for
the administrators to see by supplying the private key perhaps.
Obviously they need to be stored on the server and I'm sure that the server is quite
secure - but you can never be 100% sure of that and so some encryption will be needed
to ensure that even if a no-good-nik gets access to the database itself that unless
(s)he has quite a few years of computing time spare that the credit card details are
going to be quite safe.
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
