PCI Compliance is a nightmare. ;) I'm sure Amazon.com goes through the process of being PCI compliant; and has high level security for storing and encrypting credit cards. For example, I'm sure their credit card storage machines are in a secure building [with guards and limited access] on machines that are only accessible by sitting at the machine or via a secure VPN connection.
And I'm sure routine audits are done by outside companies, although I don't know the frequency they need to occur. Additionally, every time they release new code; it needs to be reviewed by some party independent of the developer. Etc.. etc.. Putting together a PCI compliant environment is easily a $100K proposition if you aren't storing credit cards. I'm sure Amazon.com spends much more than that on a yearly basis. For the rest of us go to a company like Authorize.net [or similar] that provides subscription billing services. We never have access to the CC ata, just some unique customer ID that we can use for billing subscription services. --- In flexcoders@yahoogroups.com, Paul Andrews <p...@...> wrote: > > Lee Jenkins wrote: > > W.R. de Boer wrote: > > > >> > >> > >> As far as I am aware you aren't allowed to store credit card numbers > >> yourself without a weekly security audit from the card issuer... > >> > >> > > > > I don't think that is the case. You need to have a business use for > > storing > > credit card data and of course, it then needs to be encrypted and only > > certain > > parts of allowed to be stored. For instance, CVV2 or track discretionary > > data > > storage is a no, no. > > > So how do companies like amazon keep card info for future use? > > https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml > > > > -- > > Warm Regards, > > > > Lee > > > > > > > > > > ------------------------------------ > > > > -- > > Flexcoders Mailing List > > FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt > > Alternative FAQ location: > > https://share.acrobat.com/adc/document.do?docid=942dbdc8-e469-446f-b4cf-1e62079f6847 > > Search Archives: > > http://www.mail-archive.com/flexcoders%40yahoogroups.comYahoo! Groups Links > > > > > > > > > > >