Tom, You should check with your provider/gateway on what solutions they have for recurring billing. If you store credit card data in your DB you're going to have to go through a much higher level of PCI compliance. AFAIK, this includes annual on site audits, etc. regardless of volume.
Many providers now have api's that allow them and not you to store the actual CC numbers but still allow for recurring transactions. You should check there first. -- View this message in context: http://ofbiz.135035.n4.nabble.com/Credit-Card-PCI-compliance-tp4656568p4656640.html Sent from the OFBiz - User mailing list archive at Nabble.com.
