[ic] Credit Card numbers Stored Encrypted in SQL Database - No Answer Yet
Russ Mann
tech@khouse.org
Wed, 25 Apr 2001 14:15:45 -0600
So, correct me if I'm wrong, but because of the RH takeover, IC looses
functionality? There is ZERO risk involved with storing CC#'s on disk if
they're ENCRYPTED, Which is precisely what I'm trying to do. It worked just
fine in MV....
-----Original Message-----
From: interchange-users-admin@lists.akopia.com
[mailto:interchange-users-admin@lists.akopia.com]On Behalf Of Webb,
Malcolm
Sent: Wednesday, April 25, 2001 2:00 PM
To: 'interchange-users@lists.akopia.com'
Subject: RE: [ic] Credit Card numbers Stored Encrypted in SQL Database -
No Answer Yet
Hi Dan-
That's true. But then, there is no cost to my customers if they decide to
switch to a competitor.
I understand that there are security issues with storing CC#s in the DB, but
there is no evidence to indicate that consumers will pick a safer site over
one that offers a more convenient buying experience.
If customers know that they do not need to re-enter any info the next time
they come back to your site, that represents a huge competitive advantage
for the merchant.
I'm not sure, but I would bet that most e-commerce packages will offer
"one-click" functionality out-of-the-box within the next year or so (I think
Yahoo! Store may already offer it). That means that to stay competitive,
merchants will need to offer it in their stores.
It's not clear to me why RedHat would care what merchants are storing - I
would bet that there's some type of disclaimer in the IC license that limits
their liability...
===========================================
Malcolm Webb
Product Manager
UpShot.com
voice: 650-623-2296
fax: 650-564-9780
email: malcolmw@upshot.com
web: http://www.upshot.com
===========================================