Store everything but the number and communicate with the users why yo u are not storing them. Asking them to retype everything is a pain b ut just the CC, na, I don't think you would here anyone complain, the y would probably like that...
>>> [EMAIL PROTECTED] 01/28/02 12:48PM >>> What about return visitors that want to store their CC number? MD5 h ash on the number? then store it in the database? At 11:56 AM 1/28/2002 -0500, you wrote: >here here, all we keep are the last 4 numbers.....let the banks worr y >... > > >>> [EMAIL PROTECTED] 01/27/02 07:00PM >>> >Don't store the credit card numbers at all. Just process the transa c >tion >immediately and store the rest of the order information. > > > >----- Original Message ----- >From: "Jeff Fongemie" <[EMAIL PROTECTED]> >To: "CF-Talk" <[EMAIL PROTECTED]> >Sent: Sunday, January 27, 2002 7:17 AM >Subject: Best way to store credit cards in database? > > > > Sunday, January 27, 2002, 10:12:15 AM > > Hello CF-Talk, > > > > I've got a simple site, and uses a small Access database. We wi ll > be > > taking credit cards. > > > > Wondering what others consider a realistic practice to ensure > > security to a reasonable level. What do others do? > > > > The site will have a SLL, but I'm thinking along the lines of > > encrypting the card number. However, I know how unsecure ColdFu si >ons > > encryption is, so why bother? > > > > If people do somehow encrypt the card number, would you be will in >g > > to give examples? And I guess I'll need a way to unencrypt the > > numbers in an admin area. > > > > I've seen where a site will store half of the number, and the s ec >ond > > half gets sent by email to the shop owners. Then the shop owner s > > need to go in and match up the numbers. > > > > Thanks for any advice, recommendations on this. > > > > > > Best regards, > > Jeff Fongemie mailto:[EMAIL PROTECTED] > > > >____________________________________________________________________ _ >_ >Why Share? > Dedicated Win 2000 Server · PIII 800 / 256 MB RAM / 40 GB HD / 20 > GB MO/XFER > Instant Activation · $99/Month · Free Setup > http://www.pennyhost.com/redirect.cfm?adcode=coldfusionc >FAQ: http://www.thenetprofits.co.uk/coldfusion/faq >Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ >Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists > > > _____________________________________________________________________ _ Why Share? Dedicated Win 2000 Server · PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation · $99/Month · Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusionc FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists ______________________________________________________________________ Get Your Own Dedicated Windows 2000 Server PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation · $99/Month · Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusionb FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists