On Mon, Sep 20, 2004 at 02:16:39PM -0500, Adam Majer wrote: > Andrew Suffield wrote: > > > <>Nobody steals credit card numbers by capturing traffic from you to the > > server. It's difficult and ineffective and slow, even if the session > > isn't encrypted. They crack the server and steal hundreds of thousands > > at once. > > I hope no one here is moronic enough to have credit card numbers on > their servers! To have a transaction record, I would just store > MD5(credit_card_number + expiration_date + transaction_dtime + > transaction_id). Almost every serious online retailer stores credit card numbers on their servers, so that end-users don't have to enter them every time. See amazon. -- .''`. ** Debian GNU/Linux ** | Andrew Suffield : :' : http://www.debian.org/ | `. `' | `- -><- |
Attachment:
signature.asc
Description: Digital signature