Zach Posted August 26, 2003: I run a website for a domestic violence shelter. They do online registration for events and want to accept credit card information. Not process it--just get the info, and have it emailed to someone. Any recommendations for doing this? I'd prefer to have the info emailed by FormMail, but even if it's going through the secure server, is that safe? Is there another, safer way of doing this? Thanks, Zach
surefire Posted August 26, 2003: This is a VERY unsafe way of doing this. Your gut is telling you the right thing... you need another solution. Even sending the info through a secure form is unsafe since the numbers are sitting in someone's email inbox. One way to do this correctly is to process the credit cards through a secure form or third party service and have part of the number x'd out before the invoice is emailed to them. Check out paysystems, 2checkout, among other services.
Zach (Author) Posted August 26, 2003: The credit card info needs to be processed by the shelter, not by someone else, otherwise they lose money. Any other ideas?
Deverill Posted August 26, 2003: You can use a script (PHP or other) to encrypt the data at the server before emailing it to the recipient and then have the person at the shelter decrypt it with the key to use it. I went to Google and did a search on "pgp encrypt php script" and found several options. I've not used any of them but they should do the job nicely, and PGP (or its cousin GnuPG) is very secure too.
Zach (Author) Posted August 27, 2003: Ok... does anybody have any opinions about doing encryption before emailing? Can anybody give me a reason that it's a bad idea?
TCH-Rob Posted August 27, 2003: If you are set in the email way then every ounce of encryption will be needed. It may be a good idea to get an SSL as well to make those giving their number feel safer about the whole issue.
surefire Posted August 27, 2003: My point is that at no time should the credit card numbers be sitting in someone's email. Even if the person processing the transactions is honest and ethical... are they going to lock their computer or turn it off every time they leave their desk? Is everyone with access to that computer equally ethical? And what happens when that computer gets sold to someone else on eBay or donated to charity? 99% chance that those emails will still be on the hard drive. I have a merchant account with Authorize.net. This is not an endorsement of their service, but it makes a point. The card gets processed by them. Mind you, this is NOT a third party all-in-one service. This is my own merchant account. But when the email comes to me, some of the numbers are left out. This is to protect the card holder. If I NEED to verify a transaction or track something down, then I can call them up or log in to their site and put in the correct info. If you are insistent on using email, then the next best thing would be encryption that keeps the info encrypted even while it's on the user's hard drive and goes back to the encrypted state after it's been opened and used. I'm doubtful that PGP does that. I'm a little more paranoid than most consumers but I'm also aware of the rising level of identity theft. If I used a service and found out that the transaction was secure... but now my info is sitting in someone's email... I'd be mucho mad. You've asked a question... Although you may not like the answers... you've gotten some honest answers from different points of view.
ztrauq Posted August 28, 2003: For secure email, I've been using a form processor called SouperMail, which can interface directly with the Gnu Privacy Guard installed on TCH servers and encrypt messages with your PGP key before sending them. I'm not sure about the PC side, but for Macs, I've been using the personal version of PGP, which interfaces directly with the mail program, and only decrypts the message for the current session - quit the program and come back, and it's still encrypted. You could also just use Gnu Privacy Guard to decrypt the messages - it has GUIs for both Mac and Windows (and Linux, of course), and upon decryption displays the plaintext in a separate window, leaving the original message in its encrypted form.
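As an added example (not code from any poster in this thread, nor from SouperMail or FormMail) of the encrypt-at-the-server approach Deverill and ztrauq describe, here is a PHP form handler that encrypts the submitted card details to the shelter's OpenPGP public key via the PECL gnupg extension and leaves only the masked last four digits in the clear, in line with surefire's point that the full number should never sit readable in an inbox. The extension being installed, the public key already being imported into the web server user's keyring, and the fingerprint and recipient address are all assumptions (placeholders).

```php
<?php
// Added example: encrypt card details before they leave the server.
// Assumed placeholders: the recipient key fingerprint and mailbox below,
// plus the PECL gnupg extension and an imported public key on the server.
const RECIPIENT_FINGERPRINT = 'PLACEHOLDER_FINGERPRINT_OF_SHELTER_PUBLIC_KEY';
const RECIPIENT_EMAIL       = 'registrations@example.org';

// Keep only the last four digits for anything that travels in the clear.
function maskCardNumber(string $pan): string {
    $digits = preg_replace('/\D/', '', $pan);
    if (strlen($digits) < 4) {
        return '****';
    }
    return str_repeat('*', strlen($digits) - 4) . substr($digits, -4);
}

// Public-key encrypt to the shelter's key; returns an ASCII-armored message.
function encryptForShelter(string $plaintext): string {
    $gpg = new gnupg();
    $gpg->seterrormode(gnupg::ERROR_EXCEPTION); // fail loudly instead of returning false
    $gpg->addencryptkey(RECIPIENT_FINGERPRINT);
    return $gpg->encrypt($plaintext);
}

// $post is the submitted form ($_POST in a real handler). Returns true on send.
function handleRegistration(array $post): bool {
    $name   = trim($post['name'] ?? '');
    $event  = trim($post['event'] ?? '');
    $card   = preg_replace('/\D/', '', $post['card'] ?? '');
    $expiry = trim($post['expiry'] ?? '');
    if (!preg_match('/^\d{12,19}$/', $card)) {
        return false; // reject malformed numbers before doing anything else
    }
    // Only the encrypted block carries the full card number and expiry.
    $secret = sprintf("Name: %s\nEvent: %s\nCard: %s\nExpiry: %s\n",
                      $name, $event, $card, $expiry);
    $body = "Registration for {$event} (card ending " . maskCardNumber($card) . ")\n\n"
          . encryptForShelter($secret);
    // Best-effort scrubbing of plaintext copies before the request ends;
    // nothing here is written to logs or disk.
    $card   = str_repeat('0', strlen($card));
    $secret = '';
    return mail(RECIPIENT_EMAIL, 'Encrypted event registration', $body);
}
```

The recipient still decrypts on their own machine, so surefire's concern about plaintext lingering on that computer applies after decryption; a mail client or GUI that shows the plaintext only for the session, as ztrauq describes, limits that exposure.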