Results 1 to 12 of 12
  1. #1
    Join Date
    Nov 2004
    Location
    UK
    Posts
    237

    Do you keep credit card details?

    Do you keep your clients credit card details? If so, how do you encrypt them?

  2. #2
    Join Date
    Jul 2003
    Location
    Castle Pines, CO
    Posts
    7,189
    You can only keep the CC number if you are CISP compliant. You also may NOT store the CVV numbers anywhere

  3. #3
    Join Date
    Dec 2004
    Location
    Spain
    Posts
    255
    It is a wise man's rule not to have anything close to personal identification data in your servers. No bank accounts, no credit cards, no driver licenses ids... Just ask and save the minimum and let the critical data be processed by a Payment portal (Paypal and alike)

    Less troubles on your way. You will have already too many without looking for them :-)
    ComfortHost.NET. Top quality hosting. And a personal touch.
    ** web hosting ** reseller hosting ** VPS ** Managed Servers **

  4. #4
    Join Date
    Dec 2004
    Location
    Fort Lauderdale, Florida
    Posts
    481
    Yes, the merchant accounts will store the credit card information on their servers. All you really need is name, address, e-mail, phone number, etc.
    Voxxit - Accessible Web Design & Secure, Affordable Web Hosting
    Now offering 501(c)3 non-profit discounts!
    Ruby on Rails included with every hosting account! - Save up to 80% bandwidth on all plans with mod_deflate!
    Visit our services page to see how Voxxit can help you today!

  5. #5
    Join Date
    Jul 2004
    Location
    Boston, MA
    Posts
    114
    No, I let the merchant handle that. I just store any needed contact information.

  6. #6
    Join Date
    Feb 2003
    Location
    United States
    Posts
    1,435
    We have no reason to retain this information. It's a big liability risk if you do, not to mention I can't see how anyone who runs a business can sleep well at night knowing they have people's credit card numbers stored. It's just not smart.

  7. #7
    Join Date
    Oct 2003
    Location
    Georgetown, Ontario
    Posts
    1,771
    We give our clients a choice. If they wish to be autobilled, then they can choose to keep their details on our server. If they want to pay manually, then they don't need to store any cc details with us.
    ·· Repeat after me... ProSupport is the best... Prosupport is... ··
    ProSupport Host Support System - OUT NOW! Grab a copy yourself and see what the hype is about!
    VertiHost Inc. - We run a quality business. Do you?

  8. #8
    Join Date
    Oct 2003
    Location
    California
    Posts
    1,271
    As others, I let Authorize keep all that information on their servers. I have alot of clients that pay by check though If you want to do that though, Modernbill has that type of setup where it has encryption.

    Good luck!

  9. #9
    Join Date
    Nov 2004
    Location
    UK
    Posts
    237
    Oh, okay. I was just wondering if it was actually needed for anything. So long as I keep the invoices and stuff, it's fine, right?

  10. #10
    Join Date
    Jan 2004
    Location
    Ellesmere Port, Wirral, UK
    Posts
    1,540
    Originally posted by Pheaton
    We give our clients a choice. If they wish to be autobilled, then they can choose to keep their details on our server. If they want to pay manually, then they don't need to store any cc details with us.
    Same here. Works well so far.
    BTi-Hosting.co.uk High quality hosting, low low prices.
    One step ahead of the competition - Today IS tomorrow.
    FraudWise.Net - Fight the fraud!

  11. #11
    Join Date
    Dec 2004
    Location
    Fort Lauderdale, Florida
    Posts
    481
    R Echo, yes, you shoud always keep copies of the invoices on a monthly CD, etc. You should make them PDF forms, too.
    Voxxit - Accessible Web Design & Secure, Affordable Web Hosting
    Now offering 501(c)3 non-profit discounts!
    Ruby on Rails included with every hosting account! - Save up to 80% bandwidth on all plans with mod_deflate!
    Visit our services page to see how Voxxit can help you today!

  12. #12
    Join Date
    Nov 2000
    Posts
    3,046
    Nope... but then again it is a rare few that actually pay by credit card. As mentioned, you are required by Visa regulations to be CISP compliant to store credit card information (which I'd imagine close to zero on this forum are). It's dangerous and stupid as you WILL be liable if any credit card information is stolen due to lack of security procedures.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •