[ic] CC Encryption

[Barry Treahy, Jr.]

Dan wrote:

>Since you have obviously thought about the reasons behind not passing CC
>info in the plain and have chosen to ignore them. I'm just going to toss
>this in the ring. I have no idea how secure it would be...
>
>I suggest putting the order into PDF format prior to mailing it. Almost
>everyone has Acrobat and you might even be able to password protect the
>file.
>
>Someone please correct me if I am wrong, but wouldn't this reduce the
>chance of someone easily picking the CC number out of an email?
>  
>
Nope, your wrong as PDF stores the plain text as plain text with PDF 
formatting and if you were to use the reading password, that would 
require that password to be stored on the IC server in plain text which 
again, is not secure.

The original poster, in his first post I believe, stated that his 
customers receive their e-mail on web based clients...  Wow!! What a 
huge mistake that would be to transmit CC's in the clear to that type of 
unprotected environment...  Besides, what e-commerce company has 
hundreds of people handling the CC processing, even if it is manual? 
 That makes little sense...

Barry

-- 

Barry Treahy, Jr  *  Midwest Microwave  *  Vice President & CIO 

E-mail: Treahy@mmaz.com * Phone: 480/314-1320 * FAX: 480/661-7028