Re: Credit card numbers on a form
by Thomas James Allen <tjallen(at)pipeline.com>
|
| Date: |
Wed, 25 Aug 1999 05:58:41 -0400 |
| To: |
"Denise" <denise(at)nf.sympatico.ca> |
| Cc: |
hwg-basics(at)hwg.org |
| |
todo: View
Thread,
Original
|
|
At 12:44 AM 8/25/99 -0300, you wrote:
>I did a site for a local inn a while back and I made an ordinary
>'reservation' type form for it using Matts form mail script. Now, they have
>told me that they want people to totally do it all online, including
>submitting credit card info to them through this form. I know that the
>script I have offers no security, and that I need some type of encryption
>program (SSL?) for this to work. I have never set up anything like this
>before, and I'm a little hesitant about it given all the security issues.
>Also, isn't getting the needed security setup pretty expensive?
>Thanks for any help,
>Denise
----------------
Take a look at Thawte, a company that sells and verifies
secure server certificates, at:
http://www.thawte.com/
Look at the section on SSL, it will tell you the prices,
how it works, what has to be done, etc.
What it doesn't tell you is interacting with your server-owner.
I found this to be the tough part, getting it set up right with them.
I used Matt's FormMail to create the form, it just had to be
in a special folder, with special extensions, permissions, and so on.
It was messy, but my customer is happy, finally.
It takes time, and money, but in the end your formmail is encrypted,
and you can accept credit card numbers without fear.
Hope this helps,
jimmy
Disclaimer: There are other companies besides Thawte who do this,
for example, VeriSign. I don't work for any of them, but am simply
relating my own experience with one of them.
HTML: hwg-basics mailing list archives,
maintained by Webmasters @ IWA