[ic] Is PGP necessary if using SSL?

Hostmaster hostmaster at zipp.net
Sun Oct 26 20:24:59 EST 2003

> >>> Hello list members,
> >>> My question:  do I still need to install PGP encryption for
> >>> my client's catalog if he will no longer need to decrypt
> >>> credit card orders sent by Email?  This is new for me, and I
> >>> am only guessing that PGP might conflict with AuthorizeNet when the
> >>> order is placed.
> >>>
> >>
> >> Short answer: Yes.
> >>
> >> Long answer: Maybe not, but it'll be easier if you don't fight the
> >> system. Just install it and save yourself the hassle. It really
> >> isn't that hard.
> >>
> > Thank you for the short and long answers.  I know how to install it,
> > I just don't understand what will happen now if my client is using
> > SSL and AuthorizeNet.  Will he then receive the Order confirmation
> > from AuthorizeNet PLUS the encrypted confirmation from Interchange?
> > If so, this is double work for my client, and I'd like to avoid it if
> > possible.
> > Most gratefully,
> > Michael G.
> >
> No, you don't need PGP if all your doing is sending orders to AuthNet for
> settling. Note however, your client (store owner) will not recieve
> credit card numbers in any email from IC. If he still wants a credit card
> number from IC, even though AuthNet is doing the settling, then yes you
> need PGP.
> Authnet will not send CC numbers via email. However you can access CC
> via their AuthNet Merchant UI.
> I suspect you store owner just wants AuthNet to clear orders, and wants
> to do with CC numbers himself... so no, you don't need PGP
> Paul

To all who responded to this question, my thanks to you.  This response from
Paul is exactly what I was hoping was the case.  I've also reviewed the
information Paul provided at this link:
and found it informative.

Many thanks to all,
Michael G.

More information about the interchange-users mailing list