Are you a Google Analytics enthusiast?
More SEO Content
Accepting Credit Cards
Posted 20 May 2010 - 12:54 PM
If I want to accept credit cards online through a spry validated form that I created. I alredy have an SSL, so I'm able to use an https URL for the page that the form is on. Is there anything else I need to legally do to accept credit cards through my web site? All this is for is for customers to sent over credit card numbers for manual payments that we make on our end. I don't need it to be automated or anything like that, since we manually charge the card once we receive the info. The form I created would e-mail us the clients payment information, through a FormMail php script - is there a better way to do this?
I wasn't sure if I needed to do anything additional, as far as PCI compliance or encryption goes, or if I'm good to go. Any info would be greatly appreciated, thanks!!
Posted 20 May 2010 - 03:46 PM
If it's emailing you the info, it's not secure.
And if you're storing it in a database on your site, there are a whole host of rules you need to follow.
Your best bet is to only allow people to fax the cc number to you or to have them call. Otherwise, you'll want to use a payment gateway.
Posted 22 May 2010 - 04:17 AM
SSL alone isn't enough, can your site read and write files from other sites on the same server? Are all the unwanted ports blocked? Do you have a firewall? There's so much more to taking cards than getting an SSL certificate and taking card details via https.
Chances are if you're on a bog standard shared hosting setup you're not going to be compliant.
An external gateway that processes the transactions in realtime would be the best option I'm thinking.
I've seen a big UK based mobile phone retailer (based here in Loughborough and owned by Carphone Warehouse) store card details UNENCRYPTED in a MySQL database, complete with start date, end date, card issue number, card number and three digit secutiry code. It stored everything a fraudster would need to make a killing.
I worked there for a very short time a few years ago and was mortified when I saw that. I think that was my last day, saw that, went for lunch and decided to go to the pub that afternoon rather than return to working somewhere so lapse with user data.
Posted 17 June 2010 - 08:24 PM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users