>I know, I know, avoid if at all possible and use something like Authorize.NET. > >I'm being asked to store CC info in our DBs to perform recurring billing. "We're compliant" has been said and I've been told to use our broken encryption libraries to encrypt it. I need some info to throw back. Links to laws (state of Iowa), etc.
Craig Berntson MCSD, Microsoft .Net MVP, Grape City Community Influencer