duncan gray wrote: > Do the credit card > companies say you cant do this sort of thing? is it chiseled out in > stone somewhere?
At least as of yet the Credit Card issuers have NOT told us HOW to secure our credit card information, though some are beginning to ASK. > I'm sure holding CC details on the server would be > more secure then the office next door, where all some one has to do is > brake a window(ok yeah just an example), take the reciepts. etc. While we use a third-party gateway to process credit cards, we do end up with some credit card numbers. They're secured in a virtual drive created by a jetico.sci.fi (see my previous post in this thread), on a protected system behind a firewall. > Or just look over someones shoulder when they are making a payment > somewhere. It's not really about physical security so much as risk and perceived security. I stand by statements I've been making for years that your credit card is more secore (in general) on the 'net than it is in a restaurant when you give it to that 20yo waiter/waitress who just started working a the local coffee check with no background check. But I still don't want to end up on the six-o'clock news. Jeff -- Jeff Lasman <[EMAIL PROTECTED]> Linux and Cobalt/Sun/RaQ Consulting nobaloney.net P. O. Box 52672, Riverside, CA 92517 voice: (909) 778-9980 * fax: (702) 548-9484 _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
