Yes Maureen - I know this. What "we" are asking is - What if the customer DOESN'T WANT TO USE THOSE - What if they want you to store the credit card anyway... regardless of compliance. (Compliance isn't law...) What if that is your option?
What then? How "should you do it"? Matt's original question wasn't what are other methods - but what is the best choice for encrypting the data. (And what is required for compliance.) And I would like to know as well... (Minus the compliance part... That data is here: https://www.pcisecuritystandards.org And here: http://www.innovativemerchant.com/pdf/pci_dss_summary.pdf ) To me, recommending a service is like answering the question "How do you hammer a nail?" with the answer being "Hire a contractor." ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:330916 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
