[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date
][Minivend by thread
]
RE: New Question: PGP and SSL security question
****** message to minivend-users from Joe Hourcle <oneiros@dcr.net> ******
On Mon, 22 Feb 1999, Black Samba - Staff wrote:
> ****** message to minivend-users from "Black Samba - Staff" <darrenl@blacksamba.com> ******
>
> For using SSL, would just using Cybercash, or another 3rd party credit card
> processing company be a sufficient substitute for running our own SSL
> server? Would that protect the customer sufficiently?
It depends on how the credit card number is gotten from the user.
HTTPS is a secure web server connection. You want a secure connection any
time that you are passing credit card numbers around, as you have no idea
how good of security all of the machines that might route tha packet have.
The server that gets the credit card information from the user should be
an SSL connection. It does you no good at all to get the information over
an unsecured connection, and then pass it along to cyber cash.
If cybercash is the one getting the credit card information, and they're
using a secured connection, then there's no problem.
-----
Joe Hourcle
Digital Crescent, Inc.
-
To unsubscribe from the list, DO NOT REPLY to this message. Instead, send
email with 'UNSUBSCRIBE minivend-users' in the body to Majordomo@minivend.com.
Archive of past messages: http://www.minivend.com/minivend/minivend-list
