Sign in with
Sign up | Sign in
Your question

How to securely transmit and store credit card information?

Last response: in Business Computing
Share
February 28, 2013 3:19:36 PM

I'm thinking about starting up a web business. I'm in the site development phase but before I get too deeply invested I want to start learning how I'm going to protect my customers credit card numbers as storing them to be charged at a later date is going to be a critical part of my business. This is going to have to be done on a massive scale (storing thousands of card to be charged at approximately the same time) What do I need know in order to pull this off? Databases? PHP? SSH/SSL? Is there a service like paypal that would store/secure this information for me?
February 28, 2013 3:25:09 PM

Use a payment service and have them deal with it . . . Yes, paypal would work fine.
February 28, 2013 3:37:51 PM

And check the legal requirements in your country. Storing credit card numbers has special requirements like a bank license in some countries. Like Traciatim said, a payment service provider like paypal is the way to go.
Related resources
February 28, 2013 3:47:04 PM

You may want to look at something like:

http://www.shift4.com/dotn/4tify/trueTokenization.cfm

With systems like this you actually never see a credit card number yourself. Seems liek a much safer way to go than trying to design yourself a secure system, which if you're not a complete security expert will probably be full of holes.


February 28, 2013 4:17:54 PM

Contact pay pal and have a talk about it. Lots of other companies use pay pal in lots of different ways, and i'm sure this is nothing new for them. they will most likely charge you per transaction or something, but it's much better than trying to develop a buggy application that's full of security holes
February 28, 2013 4:23:59 PM

Also, it would prly require a form on an https/ssl page to an SQL database that is VERY secure. I don't know much about securing the I/O of such a db, or of the form, but i'm sure both need lots of attention. Also, the server itself that the db is on would need lots of security attention.
March 1, 2013 12:46:41 AM

Thanks, i'll contact paypal.
a b 8 Security
March 1, 2013 1:17:57 AM

What you want is a payment gateway. Paypal is one, another is google checkout. There are others

Http://en.wikipedia.org/wiki/Payment_gateway

Or you need a merchant account and they will likely have payment gateway services as well. You really dont want to be storing credit card info.
March 1, 2013 1:26:51 AM

Yeah i need a gateway. Why don't these sites lay out their pricing? It looks like paypal takes a percent of every transaction.
March 1, 2013 1:28:55 AM

Any place you use is going to take a piece. They do all the processing work, they want something for that.
!