How do you hold customers credit card digits safely
I have an authorize.net merchant account and was wondering what I could store my clients credt card numbers so I would have to email them when there payment was due I could simply charged their card... How could this be done safely? Are there any services that store this information for you? Thanks.
ok where can I find information on DES3 encryption in a mysql database, we are dealing with thousands of credit cards so we really need this also if I encrypt them how do I un-crypt them is there a script that does this or do I have to manually do this?
You could always accept PayPal in which case, you never know their credit card number or checking account number. The PayPal IPN system works well for updating your database with customerís who have paid, etc.
I've used that, paypal sucks ... Plus you don't have direct access to there card so if they buy something new or go over quota I have to email them and it is a pain... Anyone know how I can store there digits safely?
ahhh, your all crazy!!!!!!!! NEVER EVER STORE CC#'S IN A DATABASE, EVEN IF THEY ARE CRYPTED. this was the 1st place theyd go for cc#'s, encryption really didnt matter... it wasnt like they couldnt crack it, well in some cases they couldnt, but in other they could. Anyway, let the CC# processing companies worry about that. the 2nd your database is stolen, your in some deep, i mean deep ****. =/
I think everything in Shannon's HOWTO seems pretty good. I am kind of just wondering what most people do though? His solution is great if you are big enough to have your own data lines and servers inhouse. What about all the people out there using shared or dedicated machines which are at hosting companies? His solution just will not work then. Probably scary if we only knew..............