| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 53037 | 2005-01-06 00:36:00 | Credit Card no. sending via email??? | volkan (6752) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 311077 | 2005-01-06 00:36:00 | Hi Im wondering is it safe to make a shopping cart script, so when people checkout, it goes to a server with SSL. Now, is it safe to make the script email the site owner with the requested products and credt card info? |
volkan (6752) | ||
| 311078 | 2005-01-06 01:04:00 | Hi Im wondering is it safe to make a shopping cart script, so when people checkout, it goes to a server with SSL . Now, is it safe to make the script email the site owner with the requested products and credt card info? Personally I would'nt send it by e-mail if you can avoid it |
Ash M (46) | ||
| 311079 | 2005-01-06 01:17:00 | SSL encrypts data between the browser and the server not between the server and the persons email client. So using any sort of unencrypted email to send CC info is not secure. If you were to have the cart write to a file on the server or a database, you would be safe unless someone gained access to that file. And the credit card company would have you for storing CC details on a public server. You can encrypt the data using GPG (http://www.gnupg.org/). This would make it safe to store or email the CC numbers. |
Webbase (265) | ||
| 311080 | 2005-01-06 01:39:00 | I would either set the page to write to a flat file on the server (if you have local access to it). Or as suggested, use GPG and encrypt the e-mails on the fly so that only someone with the private key can decrypt them. |
ninja (1671) | ||
| 1 | |||||