Freelancers Network
 
skill list top cap
Homepage
Join the Freelancer's Network
Update your details
Find a freelancer
Post a project
Find a project
Projects Archive
Post a job
Find a job
Jobs Archive
See Dan's Pages
See Andy's Pages
Link to this site
Resources
Join/Leave Forum
Forum Messages
+Additions+ Adverts
Advertising
Contact Us
Subscribe to our newsletter - enter your email address and hit return
Freelancers.net is owned and operated by Andy Stowell and Dan Winchester
skill list end cap
guru web hostcom

Find me again on Freelancers.net

RE: FN-FORUM: Storing CC details?

date posted 16th May 2007 20:17

Jurai,

This is covered under the data protection act, and the freedom of
information act, as well as Sarbanes Oxley, Financial regulation act and a
host of other regulations.

I think it's not the case of "can you" it's a case of " Should you".

There are some essential questions you should ask before storing CC details.
1. What reason would you need other than making it simpler when customers
return to re-use the site.
2. Do you have the customer permission (this has to be given not accepted
as true).
3. Are you using a database that complies with BS 17799 or ISO 17799 for
storing personal data.
4. The server where the database is behind a separate network layer
isolated from the internet?

If all the above is true ( and I've missed out many more) then you need to
ensure that the personal details are kept separate from the cc details and
that both are encrypted. The database has to have referential integrity
rules applied, be normalised and have a history file.

But as far as the data protection act goes, if you have no reason to hold
the CC details then you will be in breech of the data protection act. And
this has to be a very good reason, not that it'll make life easier reason.

Couple of useful links

http://www.opsi.gov.uk/ACTS/acts1998/19980029.htm

http://www.direct.gov.uk/en/RightsAndResponsibilities/DG_10028507


Peter



> -----Original Message-----
> From: [EMAIL REMOVED] [EMAIL REMOVED] On Behalf Of Juraj
> Seffer
> Sent: 16 May 2007 19:51
> To: FN-FORUM / [EMAIL REMOVED]
> Subject: FN-FORUM: Storing CC details?
>
>
> Hi all,
>
> Any idea if storing Credit Card details in a database (except CVV) is
> legal in the UK and if it requires a licence?
>
> Thanks
> Jay
>
> --
> Freelancers, contractors earn more with Prosperity4
> Call 0870 870 4414 or visit www.prosperity4.com
> and benefit from Inland Revenue approved expenses today.
>
> To advertise here: http://www.freelancers.net/advertising.html
>
>



Messages by Day
May 31st 2007
May 30th 2007
May 29th 2007
May 28th 2007
May 27th 2007
May 26th 2007
May 25th 2007
May 24th 2007
May 23rd 2007
May 22nd 2007
May 21st 2007
May 20th 2007
May 19th 2007
May 18th 2007
May 17th 2007
May 16th 2007
May 15th 2007
May 14th 2007
May 13th 2007
May 12th 2007
May 11th 2007
May 10th 2007
May 9th 2007
May 8th 2007
May 7th 2007
May 6th 2007
May 5th 2007
May 4th 2007
May 3rd 2007
May 2nd 2007
May 1st 2007


Messages by Month
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007


Messages by Year
2008
2007
2006
2005
2004
2003
2002
2001
2000