For me I would never try to store sensitive private information anywhere as user don't know. I would ask to input credit cards information once again when getting back online.
George Jeff Krueger wrote: > Paul, > > Thanks. Yes I was thinking about something close to that. Of course > when the CC is entered you can do the check digit to make sure the number is > valid. I have a good background in Flex all the way back to flex 1.5. I > haven't started with AIR yet, but I am thinking so I put the CC into the > value object and attempt to call my webservice to actually do the charge. I > am looking for details about how the application handles the fact it can't > get to the webservice. What is AIR doing being the scene to "save" that so > it can resend it when a connection is available again. Yes if I encrypt the > CC before putting it into the value object that helps, but I still have to > answer the question for the auditors of where is the encrypted information > stored. Is it purged after the connection is reestablished, etc. So in a > perfect world maybe there is a flag for a field in AIR that if it has to > store it for a temp time that it will encrypt it. I am just having > a hard time finding out the low level details of how this is supported (The > store and forward). > > Thanks > > Jeff > >
