Sorry, don't get me wrong, I wasn't trying to be flippant about it. Certainly you need to be serious when dealing with card details, indeed *any* personal details. Shared hosting is completely out of the question! I wouldn't even think about storing sensitive information on anything less than a dedicated Unix box secured to the hilt. And indeed, as you say, the best option is to leave it to the people dedicated to such tasks, such as WorldPay etc.

Robin Haswell wrote:
> Richard (koorb) wrote:
> >
> > Jorge Godoy wrote:
> >> Do you really need to store the credit card numbers? At least here it is
> >> illegal and not recommended. After the transaction has been done, then you
> >> don't need the numbers anymore...
> >
> > You would for reoccurring billing or like Amazon, so the customer does
> > not have to enter it every time.
>
> Not true. Many PSPs such as WorldPay and FuturePay provide repeat billing
> options, where the customer's details are stored on their own servers.
>
> I have to agree with the parents though, you really must think hard about
> storing CC details in a database. Especially if you need to ask how to do it.
> A big problem with this is your app usually needs to be able to read the
> private key required to decrypt the database. Are you on shared hosting? How
> can you be 100% sure that key would be kept secret? If CC details are
> compromised you're talking about a custodial sentence. If there is any
> conceivable way of avoiding storing them, take it. Personally, even if a
> client demanded that I store CC details, I would tell him to shove it or
> shell out for real consultancy. I don't want to go to jail.
>
> -Rob

