[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-developers] SSL on RAQ 4 basic help

Quoting FS <fs@xxxxxxxx>:
> I'm trying to set-up a secure connection for a client who wants users
> to enter credit card details on a web page and then have these emailed to
> them.

May I suggest an alternate approach.

When the credit card details are entered (over HTTPS of course, and with
strong session controls), they should generate an e-mail containing a link
into a back-end application, which requires a password or client-side 
certificate (I prefer the latter) and also operates over SSL.

That way, you guarantee that the CC info never goes over an open channel,
which might be the case with e-mail, and also doesn't need any special
software.  Your customer can then simply print out the CC for action,
along with the order details, or copy and paste into his/her fulfillment
system.

*********************************
 Paul Gillingwater, BA, BSc, MBA
        Managing Director
 CSO Lanifex Unternehmensberatung 
 & Softwareentwicklung G.m.b.H.
      NEW BUSINESS CONCEPTS

E-mail:  paul@xxxxxxxxxxx
Tel:     +43(1)2198222-20
Fax:     +43(1)2198222-11
Mobile:  +43(699)1922 3085
Webhome: http://www.lanifex.com/
Address: Praterstrasse 60/1/2 
         A-1020 Vienna, Austria
*********************************

Sun Cobalt Support by Zeffie.com
 A Sun Cobalt Support Specialist Since 1999
Sun Cobalt Support, Repairs, Development, and Maintenance.
Home of the Worlds Largest Collection of Sun Cobalt Updates!
Sun Cobalt Spam Filter, Security, Firewall, Anti Virus Products.
Voip 734-454-9117 At&t 734-454-0818 US Toll Free 800-231-4459 UK 0208-150-6860

Zeffie's Sun Cobalt User Forums
Zeffie's Sun Cobalt Restore CD's   Zeffie's Sun Cobalt Updates  
Sun Cobalt Users List   Sun Cobalt Security List   Sun Cobalt Developers List

Click here to buy me a drink at the local pub!
(includes tip and paypal fees)

Copyright 2007 by Electronic Consultants Inc.