on 13/08/02 6:58 AM, The Gabster ([EMAIL PROTECTED]) wrote: > Thanks again, Justin... > > Any suggestions on how to store/transmit the credit cards securely?
I'm not a security expert at all, so don't consider this advice anything more than "suggested for further reading". This is a big can of worms. To transmit them, you need to transmit them via SSL (https://). Talk to your host about this. To store them in an encrypted manner, you should look at mcrypt() PHP functions, and some of the MYSQL encrypting functions... Both have special server requirements, and you'll need to be WAAAY careful of where and how you store the encryption keys (passwords). Especially on a shared server. Ask your host how THEY handle CC#'s, if at all. Needless to say, this is not light work. You should seriously consider paying someone to do this properly for -- at least the first time, and try to learn off them. You should spend lots of time talking with your host about security holes, and most importantly, you should destroy the cc details as soon as you no longer need them -- 20 cc#'s stored is less desirable to a hacker than 2000, or 20,000 cc#'s. > How do I get set up to accept credit cards?" > And how > do I process them manually? I'm not a bank. The owner of the store needs to ask their bank. Justin French -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
