Re: credit card number stored issue -- MIDRANGE-L

Subject: Re: credit card number stored issue
From: Douglas Handy <dhandy@xxxxxxxxx>
Date: Thu, 9 Dec 2010 09:37:05 -0500
List-archive: <http://archive.midrange.com/midrange-l>
List-help: <mailto:midrange-l-request@midrange.com?subject=help>
List-id: Midrange Systems Technical Discussion <midrange-l.midrange.com>
List-post: <mailto:midrange-l@midrange.com>
List-subscribe: <http://lists.midrange.com/mailman/listinfo/midrange-l>, <mailto:midrange-l-request@midrange.com?subject=subscribe>
List-unsubscribe: <http://lists.midrange.com/mailman/listinfo/midrange-l>, <mailto:midrange-l-request@midrange.com?subject=unsubscribe>

Tim,

The new requirement is to set up a recurring payment process. I will need to

store the CC info in order to do this. I will have a night job that runs to
process any additional CC transactions.

You may think you need to store the data, but there are many solutions
available which allow you to never store the real CC info, but instead put
that burden on your CC processor. To second Eric's reply, do what he said
and research tokenization (which goes by many different names, depending on
provider). In a nutshell, you send the CC data to them immediately and get
back a "token" then store only it in your system. You never store the real
CC info at all, greatly reducing the complexity of PCI compliance.

Then you just reference that token for future recurring payments, credits, a
capture/ship following a pre-auth/book transaction, etc.

Doug

As an Amazon Associate we earn from qualifying purchases.

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.