[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-developers] SSL on RAQ 4 basic help
- Subject: Re: [cobalt-developers] SSL on RAQ 4 basic help
- From: "Jan Wildeboer" <jan.wildeboer@xxxxxx>
- Date: Fri Nov 23 00:15:01 2001
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
> Thanks for all the tips...It's certainly very clear now from all your
> replies that sending details via email is a big NO NO.
... unless you know what you are doing. In our System we use the following
method:
Store a part of the CC-number in the DB and send the missing digits with
eMail. This reduces the risk to an acceptable minimum (in our opinion). The
only way to get the complete CC-number is to compare the order_id and find
the corresponding DB-entry.
Security is the most important thing. If a complete CC-number is stored in a
DB on a server that is connected to the Internet it indeed is a risk. So we
choose this method.
> The client isn't
> interested in any 3rd party verification - I imagine I will go for the
> database interface option.
I could send you the link to our project (GPL'd shop software in PHP using
MySQL) when interested.
Jan Wildeboer
--
| Jan Wildeboer | /\/\/\ seijsener rekreatietechniek bv |
| eBusiness/Lotus Notes | \____ Noorder IJ- en Zeeweg 11-12 |
| Tel. +49 6203 924903 | \ NL1500 EK Zaandam |
| Fax +49 6203 924972 | \/\/\/ http://www.seijsener.nl |