[ic] Payment Processing and PGP
Mike Heins
interchange-users@interchange.redhat.com
Tue Jan 29 17:42:01 2002
Quoting Fred Pope (fred@satcomresources.com):
> //
> // IC 4.8.3 / RH 7.2 / MySQL / Verisign Pay Flow Pro
> //
>
> A site we are working on is currently running a PayFlowPro with IC 4.8.3 and
> want to include the PGP credit card information on the order page that is
> sent to the ORDERS_TO recipient. The card processing is handled by the
> verisign client, but in case something goes wrong, we would like to be able
> to have the card number for manual credits, adjustments etc.
>
> Does anyone see a significant security risk in doing this?
>
> Has anyone done this?
Yes, I do it all the time. If you have PGP enabled, it shows up in
$Values->{mv_credit_card_info}.
> --
> Fred Pope
> Satcom Resources
> 970-748-3094
> fred@satcomresources.com
> http://www.satcomresources.com
>
> CONFIDENTIAL CONTENTS WARNING
>
> This message is intended only for the use of the individual or entity to
> which it is addressed and may contain information that is privileged,
> confidential and exempt from disclosure under applicable law. If the reader
> of this message is not the intended recipient, or the employee or agent
> responsible for the delivering the message to the intended recipient, you
> are hereby notified that any dissemination, distribution or copying of this
> information is strictly prohibited. If you have received this communication
> in error, please notify us immediately by telephone and delete the original
> message. Thank you. Satcom Resources LLC. 970-748-3094
>
I think you blew the confidentiality thing when you posted to a public mail
list. 8-)
--
Red Hat, Inc., 3005 Nichols Rd., Hamilton, OH 45013
phone +1.513.523.7621 <mheins@redhat.com>
If you think nobody cares if you're alive, try missing a couple of
car payments. -- Earl Wilson