>cc numbers at all. Collect them on your secure form, send them to the
>card processing gateway and DON'T store them. There are many who will
>say this is the best way, and I think it is. It limits the customer's
>liability and, perhaps as importantly, your own.
Just wanted to add my agreement to Matt's post here...and add that you can still do authorize at the time of sale and then capture later, at least with most processors I have worked with. Most will return a transaction ID when they run the authorization which you can later use to then capture the funds. You can do returns as well, either through your application or using their online system, so there really is no need to have the credit card number at all. Of course, convincing clients of that is another problem altogether!
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
