At 09:35 AM 2/11/2010, you wrote: > > >As far as I am aware you aren't allowed to store credit card numbers >yourself without a weekly security audit from the card issuer...
Do what?! I've never heard of this... If that's the case, then the company I work for has been breaking the law for YEARS! We store CC data (encrypted, of course) in our current database so that if a customer changes their mind, we don't have to reacquire the CC info from them to charge (or refund) their account. In the Flex app that I'm writing, the plan is to continue to do the same thing... And how would the CC issuers (dozens of 'em? Hundreds?) all have the time to audit every company that uses CC info for any purpose whatsoever? Doesn't sound possible to me. Laurence MacNeill Mableton, Georgia, USA
