Quoting FS <[EMAIL PROTECTED]>:
> I'm trying to set-up a secure connection for a client who wants users
> to enter credit card details on a web page and then have these emailed to
> them.
May I suggest an alternate approach.
When the credit card details are entered (over HTTPS of course, and with
strong session controls), they should generate an e-mail containing a link
into a back-end application, which requires a password or client-side
certificate (I prefer the latter) and also operates over SSL.
That way, you guarantee that the CC info never goes over an open channel,
which might be the case with e-mail, and also doesn't need any special
software. Your customer can then simply print out the CC for action,
along with the order details, or copy and paste into his/her fulfillment
system.
*********************************
Paul Gillingwater, BA, BSc, MBA
Managing Director
CSO Lanifex Unternehmensberatung
& Softwareentwicklung G.m.b.H.
NEW BUSINESS CONCEPTS
E-mail: [EMAIL PROTECTED]
Tel: +43(1)2198222-20
Fax: +43(1)2198222-11
Mobile: +43(699)1922 3085
Webhome: http://www.lanifex.com/
Address: Praterstrasse 60/1/2
A-1020 Vienna, Austria
*********************************
_______________________________________________
cobalt-developers mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-developers
