[TriLUG] Storing Credit Card Numbers
Jason Purdy
jason at journalistic.com
Tue Mar 15 14:22:00 EST 2005
Depending on your gateway and business model, you could store a
reference number of the original transaction to issue a void or credit.
There's also some recurring billing schemes in place with gateways
where you wouldn't have to store the credit card info at all.
If none of those "fit", then I would recommend Blowfish encryption. It
fits all of your criteria, except I'm not entirely sure about the Java
front (I use Perl, myself).
BTW, has anyone else run into their gateway and/or merchant account
telling them they need to comply w/ VISA, MasterCard, AmEx's new CC
compliance scheme? I could rant on for a few hours (over beer ;)) on
this - it's a very ridiculous set of hurdles to go through, especially
when you're a small shop.
- Jason
More information about the TriLUG
mailing list