years ago (when I was using ASP) a prospective client wanted to SMS the credit card details to his mobile for offline processing.
thankfully I was able to escape from that project! If I knew my CC details were being emailed for processing I would buy elsewhere. Far too much CC fraud is done by employees getting hold of the data (remember people using the carbon off paper processing machines years ago?). Maybe I'm too fussy but with the amount of CC fraud, unless the merchant uses a reputable payment gateway, I don't buy. just my consumer $0.02 worth barry.b -----Original Message----- From: James Macpherson [mailto:[EMAIL PROTECTED] Sent: Monday, 17 May 2004 10:02 AM To: CFAussie Mailing List Subject: [cfaussie] Re: PHP Problem I don't think it matters much if it's coldfusion or PHP - it's a cross language issue. I wonder whether sending credit card details via email is ever going to be a good idea? I'd be asking myself if it's really necessary (eg. how hard can it be to break the encryption if I have a handful of these emails?) Some of the online shops or domain registrars I've used my credit card for give the first and last four digits of the card, which makes it easy for me to see that yeah, that's the current card and it's definately my card (you get something like 5424 xxxx xxxx 0015) >From my own programming perspective, we don't store credit cards numbers AT ALL. I know there have been several posts in the past on storing them encrypted but we still haven't gone this way as keeping the keys secure is the concern here. Even if you use private/public keys to store and reuse that card you have to store both somewhere. Yes, it's annoying that you have to reenter your creditcard details everytime you buy something off one of our major client's sites, BUT if someone's number starts being used, it's one thing we can rule out. Just my 0.02c - I know it's been a bit of a rant, but in terms of sending stuff securely I have to ask if there's a better way than email??? - J > -----Original Message----- > From: Hesh [mailto:[EMAIL PROTECTED] > Sent: Friday, 14 May 2004 10:54 PM > To: CFAussie Mailing List > Subject: [cfaussie] Re: PHP Problem > > > i know, i was just thinking if any of you guys had done this > before, oh > well, sorry about the post then > > ----- Original Message ----- > From: "Peter Tilbrook" <[EMAIL PROTECTED]> > To: "CFAussie Mailing List" <[EMAIL PROTECTED]> > Sent: Friday, May 14, 2004 7:34 PM > Subject: [cfaussie] Re: PHP Problem > > > > This is ColdFusion. Not PHP. > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Hesh > > Sent: Friday, 14 May 2004 7:21 PM > > To: CFAussie Mailing List > > Subject: [cfaussie] Re: PHP Problem > > > > hmm i dont think thats possible since theres going to be > over 1000 users > and > > most of them will be teachers from schools all around > victoria, also they > > will be using computers from school so yeah.. thankx for > the idea tho > > > > Hesh > > > > ----- Original Message ----- > > From: "Mark Woods" <[EMAIL PROTECTED]> > > To: "CFAussie Mailing List" <[EMAIL PROTECTED]> > > Sent: Friday, May 14, 2004 6:58 PM > > Subject: [cfaussie] Re: PHP Problem > > > > > > > You can use PGP, but you'll need to get the user to > install PGP and > > > possibly a plugin for their email program. They'll then > need to generate > a > > > key pair, a private key for decrypting and a public key > for encrypting. > > > You'll also need PGP on your server to encrypt text > before sending. > > > > > > A quick google should find some PHP tutorials for doing this > > > > > > > > > Mark > > > > > > > > > --- > > > You are currently subscribed to cfaussie as: [EMAIL PROTECTED] > > > To unsubscribe send a blank email to > > [EMAIL PROTECTED] > > > > > > MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia > > > http://www.mxdu.com/ + 24-25 February, 2004 > > > > > > > --- > > You are currently subscribed to cfaussie as: [EMAIL PROTECTED] > > To unsubscribe send a blank email to > > [EMAIL PROTECTED] > > > > MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia > > http://www.mxdu.com/ + 24-25 February, 2004 > > > > > > > > > > > > --- > > You are currently subscribed to cfaussie as: [EMAIL PROTECTED] > > To unsubscribe send a blank email to > [EMAIL PROTECTED] > > > > MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia > > http://www.mxdu.com/ + 24-25 February, 2004 > > > > --- > You are currently subscribed to cfaussie as: > [EMAIL PROTECTED] > To unsubscribe send a blank email to > [EMAIL PROTECTED] > > MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia > http://www.mxdu.com/ + 24-25 February, 2004 > --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia http://www.mxdu.com/ + 24-25 February, 2004 --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia http://www.mxdu.com/ + 24-25 February, 2004
