On Fri, Apr 25, 2003 at 02:21:12PM -0400, Mike Heins wrote: > Quoting Joshua Rusch (suppressed): > > Hi, > > > > I'm wondering if there is a secure way in the most recent versions of > > interchange (4.9.7) to have a confirmation page in checkout, ie have the > > credit card number collected on checkout page 1, but do the actual > > charge upon submitting checkout page 2-which just shows a review of the > > information (without showing credit card number of course!). > > There is no secure way in any software that I know of, only insecure > ways (i.e. storing the credit-card number en-clair on disk). That is > why we never do it that way. > > You could do an auth early in the cycle, then reverse it if the order > didn't get placed -- that would be secure but hard to maintain. Done that abandoned that. The problem is the long delay for the auth. Customers don't expect a delay at that point and it led to lots of confusion. -- Christopher F. Miller, Publisher suppressed MaineStreet Communications, Inc 208 Portland Road, Gray, ME 04039 1.207.657.5078 http://www.maine.com/ Content/site management, online commerce, internet integration, Debian linux _______________________________________________ interchange-users mailing list suppressed http://www.icdevgroup.org/mailman/listinfo/interchange-users
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.