Freelancers Network
 
skill list top cap
Homepage
Join the Freelancer's Network
Update your details
Find a freelancer
Post a project
Find a project
Projects Archive
Post a job
Find a job
Jobs Archive
See Dan's Pages
See Andy's Pages
Link to this site
Resources
Join/Leave Forum
Forum Messages
+Additions+ Adverts
Advertising
Contact Us
Subscribe to our newsletter - enter your email address and hit return
Freelancers.net is owned and operated by Andy Stowell and Dan Winchester
skill list end cap
guru web hostcom

Find me again on Freelancers.net

RE: FN-FORUM: PCI DSS Merchant Compliance -(All sites have to comply by June 30, 2005)

date posted 30th July 2005 20:59

Is there any problem with having PGP encrypted mails sent ?

Cheers
Andy

-----Original Message-----
From: [EMAIL REMOVED] [EMAIL REMOVED] On Behalf Of Paul
Civati
Sent: Saturday, July 30, 2005 9:12 PM
To: Andy Macnaughton-Jones
Subject: Re: FN-FORUM: PCI DSS Merchant Compliance -(All sites have to
comply by June 30, 2005)


craig - freelance web designer [EMAIL REMOVED] wrote:

> {{THE PICTURE}}
> My client owns a high street shop and requires an online e-shop to=20
> support the shop sales. He has made it clear that he doesn't want to=20
> use paypal or a worldpay system, as he has a merchant account which he

> uses in the shop.

AIUI, the merchant account the bank will have issued for the shop will
be for customer present and telephone sales. I don't think the bank
would generally be too pleased with you taking internet based orders and
manually processing them (yes I know there are people doing this),
you're supposed to obtain a separate internet merchant account for that.

Unless things have changed.

> {{MY HOSTING PROVIDER STATES}}
> Accepting online payments via credit card must be done securely. It is

> not adequate to take credit card details via SSL then to email the=20
> results to yourself or the administrator. There are at least three=20
> issues with this method:

Good to see people taking a sensible approach to card security.

Yes, what is the point of transmitting card details over SSL and then
transporting them in cleartext non-SSL SMTP. Potentially ending up with
card details stored unsecured in mail queues and perhaps bouncing around
when email systems don't quite work as they should.

-Paul-

--
Paul Civati 0870 321 2855
Rack Sense Ltd - Managed/Business hosting - www.racksense.com =20
RackRed - Value SSL certificates and servers - www.rackred.com


--=20
Freelancers, contractors earn more with Prosperity4
Call 0870 870 4414 or visit www.prosperity4.com
and benefit from Inland Revenue approved expenses today.

To advertise here: http://www.freelancers.net/advertising.html

Messages by Day
July 31st 2005
July 30th 2005
July 29th 2005
July 28th 2005
July 27th 2005
July 26th 2005
July 25th 2005
July 24th 2005
July 23rd 2005
July 22nd 2005
July 21st 2005
July 20th 2005
July 19th 2005
July 18th 2005
July 17th 2005
July 16th 2005
July 15th 2005
July 14th 2005
July 13th 2005
July 12th 2005
July 11th 2005
July 10th 2005
July 9th 2005
July 8th 2005
July 7th 2005
July 6th 2005
July 5th 2005
July 4th 2005
July 3rd 2005
July 2nd 2005
July 1st 2005


Messages by Month
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
March 2005
January 2005


Messages by Year
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000