Printer Friendly Version
Email this thread to a friend
|
Featured Web Site Template |
|
Reflects user activity within the last 5 minutes
|
|
| Member |
Message |
sirduncan
Joined: Jun 15, 2000
# Posts: 481
|
Posted: 2003-Dec-04 18:24
I am building a custom manual order form for my online business. I have it on a regular inexpensive host. I want to know how I could go about accepting credit card numbers through this script and storing them in files on my host.
Now, I know about encryption, and the fact that I don't want to do that, so I had initially planned on taking all info except the cc number and write that in later. However, I want to know if there is a better way.
So I was thinking..... no one knows where this script is and there are no links to or from this script. It is completely dynamic so it is unlikley that it would ever be spidered. I know that there are people in this world with software that 'watches' the internet for unencrypted cc numbers. But my question is if I choose to proccess these cards on this one single script and then host those numbers in regular data files on my host, what are the chances that these numbers could be taken?
Secondly, if thats not possible, can I break up the number into 4 sections of 4, transfer that way and host the data in that way?
Yes, I am trying to get around having to go secure for this one single little script, that may not get used more than 10-15 times a month.
I would be interested in your thoughts on this matter. Thanks.
|
 |
plato2
Joined: Dec 26, 2003
# Posts: 9
|
Posted: 2003-Dec-27 05:44
Hasve a look for Mal's e commerce site on the web. Amazingly it's free and you can use it to accept credit cards over a totally secured link. You get an email when someone has purchased and the link to go to where you can see the cc. From there you manually process the order.... you can write the cc down yourself and it stays there for some time before it is deleted...worth a look.
Paul.
|
|
Frog
Joined: Dec 19, 2003
# Posts: 49
|
Posted: 2003-Dec-31 13:20
sirduncan,
the simple answer is that, not only is it stupid but it's illegal in most countries. you do not ever want to hold private/personal data in an insecure manner.
without being rude, i'm wondering why you don't get businesslike about your online business? it may not get used more than 10-15 times a month, but that's still 150~ transactions a year, minimum. with some effort and a small investment, say £50 ($80) you could be hosting on a shared secure server or wherever :D
|
|
sirduncan
Joined: Jun 15, 2000
# Posts: 481
|
Posted: 2004-Jan-02 14:16
Let me explain a little more:
The whole idea from the beginning was to be able to take credit cards from people who don't feel comfortable using a credit card online. We get hundreds of orders via our regular online ordering system, but when someone calls in, we need to be able to take their information just the same.
We have been through dozens of different methods of handling these manual orders, and none of them have been very effective. Our closest one (as of yet) is this new manual online form I've built. But I agree that it probably isn't the best idea to handle the CC's in this way. Beyond that - it defeats the purpose of the customers interest in not sending CC info over the Internet.
So what we are down to is taking all of the purchasing information via this online form, and then writing down the cc number on the printed copy? Seems terribly archaic in this world of technology.
Let me also add that, the credit card number is never stored online or anywhere. It is stored in an 'encrypted' way. - a bunch of 0's and 1's. Then, upon serving these 0's and 1's to the web page that no one knows about but my wife and I, it 'decrypts', per say, to output the CC number for viewing or printing.
I realize that this may not be the best way of doing this, but that is exactly what I am looking for. Our current method (before this new manual form - and all previous things we've tried) is terrible. Lost orders, lost information, etc.... We can't have that. So we need to find an effecient way of taking all of this information we get via manual orders and handleing them just like all of the regular order we get online.
ok - that came off a little winded, but I am near the point of exasperated because of these things... I have tried installing the same script on my home computer (written in perl) but I can't seem to get it to run.
Anyone?
|
|
gal
Joined: Eons Ago
# Posts: 1148
|
Posted: 2004-Jan-05 15:33
Some merchant accounts have a virtual terminal available. I am with Echo-inc.com, and through there Merchant America services, I process my credit cards securely. Telephone or face-to-face charges I can enter securely on the net with the virtual terminal. I think I can also enter transactions with a touch tone phone, but I have never used this function.
|
|
You are not permitted to post messages in this forum or topic, because of one or more of the following reasons:
- You have not yet logged in, or registered properly as a member
- You are a member, but no longer have posting rights.
- This is a private forum, for which you do not have permissions.
If you are a recent member, it's possible that you simply have not yet confirmed your account. Please
check your email for a message entitled 'JimWorld Forums: Confirm Your Account' and follow the instructions
contained within.
If you cannot find this message, click here to Re-Send it.
|
If you are still experiencing problem, please read the
Login Assistance
Article for some advice on what may be causing your login not to work properly.
|
Switch to Advanced Editor and ...
Create a New Topic
or Reply to this Thread
|
|
Inbox
