[ic] Credit Card Info

interchange-users@interchange.redhat.com interchange-users@interchange.redhat.com
Sat Nov 3 14:06:00 2001


On Sat, Nov 03, 2001 at 01:10:03PM -0600, Yahoo wrote:
> This may be very novice question, but we are not a high volume operation, we
> really do not need a processing entity at the moment, so I was asked to have
> daily reports with clients orders including card #s, I have come to discover
> that the card # is a variable not a field ( I think ), anybody ever done
> this before could enlighten us,
> Thanks a lot
> 
> samharris@usa.com

This s/b a FAQ.  It is certainly in the archives.  :-)

How do I put this...  Oh hell, flame me so others don't have to
sound like BOFH.

It is very easy to do.  The consensus and experience seems to be, 
however, that if one is not able to do it readily, then it's likely
that relevant security issues have not been addressed, either.  I'm
not paranoid about credit cards myself; IMCO a major reason for their
existence is to facilitate (risky) transactions between unknown parties.
But they are only a tiny part of overall system security.  People here
will be unwilling to help you shoot yourself.

BOFH,
cfm

-- 

Christopher F. Miller, Publisher                               cfm@maine.com
MaineStreet Communications, Inc           208 Portland Road, Gray, ME  04039
1.207.657.5078                                         http://www.maine.com/
Content/site management, online commerce, internet integration, Debian linux