Re: legalities of encryption - Emailing info

by "Dixie" <dixie(at)kandi.org>

 Date:  Mon, 14 Aug 2000 16:31:48 -0500
 To:  <hwg-basics(at)hwg.org>
 References:  cs gte wc localhost
  todo: View Thread, Original
Ok...  I'm trying to understand this so please have patience   :-)

As I understand it, using a secure socket, the email is encrypted and can
only be unlocked by the second key for the socket.  For example, I know
someone that uses the shopping cart package QuickStore.  As I understand
Quickstore, it is entirely cgi then uses a secure socket to submit the
ordering information to the merchant.  The merchant uses their key to
unencrypt the message with the order information and runs the payment
information in whatever fashion he/she/it/they run(s) it.

Is this the same idea as this gentleman is talking about?  It seems to me
more secure than taking credit card information over the phone at the very
least.

BTW - I'm not asking just to "push" this Quickstore package or anything
(assuming it is a viable option after all).  I have a club that wishes to be
able to have people submit their credit card information to register for
their conventions and that idea was presented to me as a possible solution.
I thought at the time it was a viable option but I have not offered it to
them as an option as of yet.

Thanx -
Dixie


----- Original Message -----
From: "Ted Temer" <temer(at)c-zone.net>
Sent: Monday, August 14, 2000 12:38 PM

> The major problem here is the "e-mailing" of the order, including the
credit
> card information.
>
> There are several methods to use other than this. In many cases, a service
> is provided that obtains the customer information and the order totally on
> secure servers. Then the only thing transmitted by e-mail is a notice to
the
> supplier to ship the product to such and such address. The credit card
info.
> is never sent.

HTML: hwg-basics mailing list archives, maintained by Webmasters @ IWA