On Thu, Feb 18, 2010 at 4:26 PM, Eric Nicholas Sweeney <n...@bigfatdesigns.com> wrote: > To me, recommending a service is like answering the question "How do you > hammer a nail?" with the answer being "Hire a contractor."
In this case, the answer is "hire a lawyer" because you will be dragged in to any court case involved in the purposeful or accidental disclosure of credit card information. That being said, if I wanted to do this securely, I would probably break the credit card number up into two parts. One part I would store in the database using database encryption. The other part I would encrypt using a public/private key system, then transfer that encrypted part to the client, have the client decrypt it with their private key and then provide a lookup facility for the part stored on the server in the encrypted database. But, honestly, how many clients will have the money to pay to you do a system like that but not be willing to pay for a merchant account? Judah ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:330917 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
