on 13/08/02 6:58 AM, The Gabster ([EMAIL PROTECTED]) wrote:

> Thanks again, Justin...
> Any suggestions on how to store/transmit the credit cards securely?

I'm not a security expert at all, so don't consider this advice anything
more than "suggested for further reading".

This is a big can of worms.  To transmit them, you need to transmit them via
SSL (https://).  Talk to your host about this.

To store them in an encrypted manner, you should look at mcrypt() PHP
functions, and some of the MYSQL encrypting functions...  Both have special
server requirements, and you'll need to be WAAAY careful of where and how
you store the encryption keys (passwords).  Especially on a shared server.
Ask your host how THEY handle CC#'s, if at all.

Needless to say, this is not light work.  You should seriously consider
paying someone to do this properly for -- at least the first time, and try
to learn off them.  You should spend lots of time talking with your host
about security holes, and most importantly, you should destroy the cc
details as soon as you no longer need them -- 20 cc#'s stored is less
desirable to a hacker than 2000, or 20,000 cc#'s.

> How do I get set up to accept credit cards?"
> And how
> do I process them manually?

I'm not a bank.  The owner of the store needs to ask their bank.

Justin French

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to