I was thinking but I'd rather not have to write all the code to
implement a pub/priv key pair system where the private key is encrypted
so the admin has to login and enter the password for the view to
decrypt the key to decrypt the credit cards.
comments, ideas?
For your online processing, I recommend using TrustCommerce and store
the credit card information in their "Citadel" product -- that way you
don't have to store the credit card numbers ever, at all, period, for
any reason, whatsoever.
-jag
https://pcisecuritystandards.org/
If you're able to offload all of this to some third party, you should.
IMHO.
--
Dave
Doesn't remove the moral obligation on your part to do something about
it, or refuse the work.
Jay P.
- CL