开发者

Alternative to storing credit card info [duplicate]

This question already has answers here: 开发者_StackOverflow社区 Closed 12 years ago.

Possible Duplicate:

Storing credit card details

I'm working on creating an architecture for a site where users can login and buy products. My boss would like the checkout page to remember the user's credit card info so they don't have to enter it every time, like Amazon.

I don't want to store credit card info in a database for a variety of reasons; I refuse to do it. But my boss insists on the site remembering the user's credit card info.

So, how can this be accomplished? It obviously is being done, unless sites like Amazon are storing user's credit card info and making it extremely secure.


Some companies do indeed store credit card information. If they're responsible, they conform to the Payment Card Industry Data Security Standards. This can be quite expensive, so companies often partner with third parties to handle these transactions.


You could use a service like Authorize.NET's Customer Information Manager CIM. Many other payment gateways offer similar solutions. You store the payment information with them once, then make future requests for payments using a payment profile ID instead of the actual payment information. Another popular company that offers similar services is Braintree Payment Solutions.


Why not encrypt it and make a decryption program that will only allow one CC at a time to be accessed? Maybe something like that would work.

I guess even before that, you have to ask yourself whether or not the user even wants that type of functionality. The only web sites that I might want to keep my CC info stored on are Amazon.com, PapaJohns.com, and maybe one or two others. If you are selling pool equipment, doors, stereo equipment, or something like that, your boss is an idiot.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜