Dan,
Normally I would completely agree, its our job to find those solutions.
Unfortunately, the sector that my FT job deals with is retail and many of our
clients are in this bind with PCI data. Hefty fines are charged to those not in
compliance. The major CC companies are taking this so seriously and the
ramifications are being felt in many IT shops. Compliance failure can lead to
loss o privileges to accept CCs.
Its gonna force us to be more creative in how we handle the data and create the
applications that allow our clients to offer ecommerce, we will have to learn
some business skills to make this happen. It may mean that its becomes more
contractual in dealing with third parties, where the ecommece shop effects
payment on behalf of the vendors. The OP may need to help his client work out a
better way to manage the transactions between the related parties by finding
ways to automate the various transactions and provide gateway access...
I, too, like to eat... ;-P
bastien
> Date: Wed, 19 Dec 2007 17:21:57 -0500> From: [EMAIL PROTECTED]> To: [EMAIL
> PROTECTED]> Subject: Re: [PHP-DB] Credit Card Encryption> CC: [EMAIL
> PROTECTED]; php-db@lists.php.net> > On Dec 19, 2007 4:45 PM, Bastien Koert
> <[EMAIL PROTECTED]> wrote:> >> > Nope, I still would not recommmend it. The
> only place the CC data should travel to is the payment gateway. Anything else
> is a security risk. Why does your client process by hand? They should be
> using a payment gateway.> > That's true, Bastien, but if for whatever reason
> it's not an> option for them, what? Tell them it's tough cookies and they're
> SOL?> > Our job as programmers - especially freelance - is to make things>
> happen as safely and securely as we can, but as a bottom line, make it>
> happen. I'm sure we (most of us) take the responsibility to> discourage a
> client from making such choices, and to educate them on> alternatives that
> are better for their interests, but still - at the> end of the day, we're
> still just code monkeys. We're expected to> build what the client needs, or
> else they'll find someone else to do> it for them.> > And I don't really like
> to go hungry. ;-)> > -- > Daniel P. Brown> [Phone Numbers Go Here!]> [They're
> Hidden From View!]> > If at first you don't succeed, stick to what you know
> best so that you> can make enough money to pay someone else to do it for you.
_________________________________________________________________
Exercise your brain! Try Flexicon!
http://puzzles.sympatico.msn.ca/chicktionary/index.html?icid=htmlsig
