[ic] CC Encryption

Michael Baird interchange-users@icdevgroup.org
Wed Jun 12 10:15:01 2002


Bill, yes that was essentially my point, I've received a few good suggestions 
though (as well as flames), a webmail system for my customers to retrieve the 
order emails for one (it's doable but not a real clean solution), or to 
modify the orders page in such a way that it can handle the unencryption of 
the card number (viewed through their Secure site of course), or come up with 
a custom encryption program replacement which will receive the raw data from 
interchange before it's encrypted, and have it mail the order to the 
customer. As a side note we've used Payflow Pro with great success for some 
of our merchant accounts, it seems pretty reasonable 
http://www.digitalpoint.com/products/verisign.php, being that a realtime cc 
processing gateway is the first option.

Regards
MIKE


On Wednesday 12 June 2002 08:29 am, Bill Carr wrote:
> On Tue, 2002-06-11 at 23:28, Kevin Walsh wrote:
> > I'm sure that you could come up with a whole host of weird suggestions,
> > such as encoding the card number into a PNG image file and sending
> > HTML-encoded order emails, but the fact of the matter is that none
> > of them will be secure enough to stop you losing your merchant account
> > if you are caught.
> >
> > I suggest that you either take the time to install PGP/GnuPG, or that
> > you use some form of automated card payment processor.
>
> How can a non-technical Windows user decrypt a PGP encrypted message
> from their mail client? We used to ship PGP from Network Associates to
> our clients for this purpose but this product has been dropped. How can
> we get the CC info to the shop keeper safely with little pain or no
> pain? Realtime processing is not an option for low volume sites.