It would be completely silly NOT to get a merchant account and do the transactions online in real time. I can't think of an argument in favor of processing transactions in the way you describe that makes any sense. However, I'm not aware of any *law* against storing credit card information. Depending on your client's banking situation, they may be violating their contract if they do it, but it isn't illegal. They will, however, be subject to a tremendous amount of liability if the data is ever compromised. Also, as the developer and a party with specialized knowledge, you could be included personally in any liability suit. I know of one case in the US where this happened and the consultant narrowly escaped being held partially liable for the damage; he still had quite a lot of expenses involved in his defense though. At least limit your liability by documenting your strong objections to storing sensitive financial data -- this kind of documentation was the only reason my friend was NOT held liable in court.
--Ferg Mike Little wrote: >thanks bryan, i am tending to think that the only option IS to go with a >payment server. m. > > > >>>Rather than use a dedicated payment server for their online store, they >>>wish for the transaction including credit card to be stored for >>>retrieval. They would then process the transaction manually using >>>EFTPOS. (each store receives orders based on the billing address >>>entered) >>> >>> >>Well that is illegal for one thing...if the cc companies catch them they >>will get spanked hard ;-) You MUST have a merchant acount(s) for ONLINE >>Txs....using the terminal for online sales is a no no >> >>Storing CC numbers opens the site up to an expensive security audit from the >>cc companies and opens the client (and possibly yourself) to some major >>liability...DO NOT DO IT UNLESS YOU'RE SURE IT'S SAFE!! >> >> >> >>>My question is, is there a safe way to do this. I am pretty reluctant to >>>store credit card information - it would be in an SQL Server db at my >>>webhost. >>> >>> >>Yes...but see above ;-) >> >>HTH >> >>Cheers >> >>Bryan Stevenson B.Comm. >>VP & Director of E-Commerce Development >>Electric Edge Systems Group Inc. >>phone: 250.480.0642 >>fax: 250.480.1264 >>cell: 250.920.8830 >>e-mail: [EMAIL PROTECTED] >>web: www.electricedgesystems.com >> >> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:218936 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
