Think this belongs here as is security related more or less.
I am about to integrate paypal payments in commercial website... Now I guess I will need to store credit card and possibly other sensitive data.
So my question is what is my best bet on security there. Probably nice to know that this is shared hosting environment.
Thank you.
securely store credit card and other sensitive data
Moderator: General Moderators
Re: securely store credit card and other sensitive data
No, you do not need to store credit card information, that's the idea of using a payment-service-provider such as paypal. They do the "nasty sensitive stuff" while you store only the not so sensitive data such as the customer information & what they've ordered.
Your best bet, try to read the documentation that paypal has on their site although last time I worked on a paypal project that was pure agony trying to find good doucumentation as the site is, well, a bit messy.
Your best bet, try to read the documentation that paypal has on their site although last time I worked on a paypal project that was pure agony trying to find good doucumentation as the site is, well, a bit messy.
Re: securely store credit card and other sensitive data
Well sure I don't need cc with paypal......stupido me. Thanks
Well I am thinking of writing them soon with exactly what option I am after and pray for someon to answer in a week
If noone does..I start working on it anyhow.
Well I am thinking of writing them soon with exactly what option I am after and pray for someon to answer in a week
If noone does..I start working on it anyhow.
Re: securely store credit card and other sensitive data
to store credit card information you first need to start out with a SSL,
then have all information send must be encrypted....and then stored on a encrypted server.
Storing any kind of personal information also brings about a lot of legal issues that you need to be well aware of, because of issues such as identity theft, because there is the risk of this being done from information you stored which could lead to lawsuits.
If this your first time storing information such as this ( if you do take that route ) do a lot of research and get in touch with some lawyers and get the laws on this ( if you work for a company they should work this out )
then have all information send must be encrypted....and then stored on a encrypted server.
Storing any kind of personal information also brings about a lot of legal issues that you need to be well aware of, because of issues such as identity theft, because there is the risk of this being done from information you stored which could lead to lawsuits.
If this your first time storing information such as this ( if you do take that route ) do a lot of research and get in touch with some lawyers and get the laws on this ( if you work for a company they should work this out )