Plateforme Level Extreme
Abonnement
Profil corporatif
Produits & Services
Support
Légal
English
Storing credit card info
Message
De
02/10/2013 23:06:10
Tuvia Vinitsky
Vci
Chicago, Illinois, États-Unis
 
 
À
26/09/2013 11:17:03
Mike Cole
Yellow Lab Technologies
Stanley, Iowa, États-Unis
Information générale
Forum:
Business
Catégorie:
Juridique
Titre:
Re: Storing credit card info
Divers
Thread ID:
01584217
Message ID:
01584705
Vues:
47
>>>I know, I know, avoid if at all possible and use something like Authorize.NET.
>>>
>>>I'm being asked to store CC info in our DBs to perform recurring billing. "We're compliant" has been said and I've been told to use our broken encryption libraries to encrypt it. I need some info to throw back. Links to laws (state of Iowa), etc.
>>
>>Details of requirements for compliance here I think : https://www.pcisecuritystandards.org/documents/pci_dss_v2.pdf
>>
>>But If they are not already storing this information how can they claim to be compliant ?
>
>They're already storing it other places (projects I wasn't involved with).
>
>Is PCI the law or a guideline? I understand it to be the law, no exceptions. Just wanted to verify.

Voluntary standards (nationwide)
Précédent
Répondre
Fil
Voir

Click here to load this message in the networking platform