I discussed their requirements very briefly over the phone prior to making the appointment to scope the project out properly.
When I asked about payment methods, merchant account with the bank etc, this prospective customer was adamant that they did not want to use any online payment system but wanted the credit card details emailed to them from the checkout.
I pointed out that this really wasn't a secure method and that they would be liable for loss of any credit card data - but that didn't bother them and they were happy to take the risk as all their PCs etc. are password protected.
I supply the hosting with all of the sites I build, and this covers email etc.
What I'm worried about is - am I liable in any way? I'm a reseller for hosting; I have no idea who may and who may not be able to access their email accounts etc.
Professionally speaking - I don't think they should accept people's data in this way. I certainly wouldn't want my credit card data sitting in logs on mail servers, people's PCs etc.
But is it up to me to tell them what to do? Obviously I'd like to take the work but....
Anyone been in a similar situation? If so, what did you do? Am I better off leaving it alone or should I just shut up and do the job?
I'd really like to see CC companies taking action against biz owners who don't take security seriously - the systems are in place to protect cardholders and merchants - it's just up to merchants to implement the systems - and it's not difficult or expensive.
I'm actually getting the feeling (as a small UK merchant that does currently take payment details on our own server) that the writing is on the wall about this, and we are looking at moving to an online processor for this reason.
@jenkers: moral high-ground and the contract by the sound of it, you can't ask better than that :) Bet they respect you more now as well..
I wouldn't figure it is your problem. But why not suggest encryption where you encrypt the data, and only they have the key to decrypt the strings. That way it's still secure, even in an insecure email.
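As an added example, not code from anyone in this thread: the approach suggested in the post above, done as hybrid public-key encryption so that only the holder of the merchant's private key can read the card data, with the plaintext buffer wiped once it has been encrypted. The message layout, key size and the sample card number are assumptions made for this example. It covers only the "secure even in an insecure email" point; it does nothing about where the private key lives, who gets to run the decryption, what the mail server keeps, or card-scheme rules, which is where the rest of the thread goes.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"strings"
)

// zero overwrites a buffer in place so card data does not linger in memory
// after it has been encrypted or used.
func zero(b []byte) {
	for i := range b {
		b[i] = 0
	}
}

// EncryptCardForEmail runs on the checkout server, which holds only the
// merchant's public key. A fresh AES-256-GCM key encrypts the card fields and
// RSA-OAEP wraps that key, giving an ASCII blob for the email body, so mail
// logs, backups and inboxes carry only ciphertext. The card buffer is wiped.
// Message layout (assumed for this example): wrappedKey.nonce.ciphertext
func EncryptCardForEmail(pub *rsa.PublicKey, card []byte) (string, error) {
	defer zero(card)
	aesKey := make([]byte, 32)
	if _, err := rand.Read(aesKey); err != nil {
		return "", err
	}
	defer zero(aesKey)
	block, err := aes.NewCipher(aesKey)
	if err != nil {
		return "", err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return "", err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	sealed := gcm.Seal(nil, nonce, card, nil)
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, aesKey, nil)
	if err != nil {
		return "", err
	}
	enc := base64.StdEncoding.EncodeToString
	return enc(wrapped) + "." + enc(nonce) + "." + enc(sealed), nil
}

// DecryptCardEmail runs wherever the merchant keeps the private key. A wrong
// key, a truncated message or any tampering with the ciphertext fails here.
func DecryptCardEmail(priv *rsa.PrivateKey, msg string) ([]byte, error) {
	parts := strings.Split(msg, ".")
	if len(parts) != 3 {
		return nil, fmt.Errorf("malformed card message")
	}
	var fields [3][]byte
	for i, p := range parts {
		b, err := base64.StdEncoding.DecodeString(p)
		if err != nil {
			return nil, err
		}
		fields[i] = b
	}
	aesKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, fields[0], nil)
	if err != nil {
		return nil, err
	}
	defer zero(aesKey)
	block, err := aes.NewCipher(aesKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil || len(fields[1]) != gcm.NonceSize() {
		return nil, fmt.Errorf("bad key or nonce")
	}
	return gcm.Open(nil, fields[1], fields[2], nil)
}

func main() {
	// Generated once by the merchant; the private half never goes on the web server.
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	// Constructed sample; 4111... is a standard test PAN, not a real card.
	msg, err := EncryptCardForEmail(&priv.PublicKey, []byte("4111111111111111 12/29 123"))
	if err != nil {
		panic(err)
	}
	fmt.Println("email body:", msg[:40], "...")
	plain, err := DecryptCardEmail(priv, msg)
	if err != nil {
		panic(err)
	}
	fmt.Println("merchant side:", string(plain))
}
```

The point of the split is that the web server, the mail relay and the mailbox never have anything that decrypts the blob; the private key exists only on the machine the merchant decrypts on, which is exactly the machine the following reply asks hard questions about.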
Well, besides being a reason for you to lose your merchant account and making yourself liable for millions of dollars in fraud recouping fees... here are a few reasons off the top of my head.
Only they? They being who? Someone getting $5.00 an hour to process Credit Card transactions? Sounds safe.
What variables are being filled with the CC number in code before being encrypted? Are any left in memory? What about the encryption algorithm? Where does that live? Is it safe? Can it be touched from the outside to send an extra email in the background that isn't encrypted?
So the key/salt lives on only one computer? Or many? Where are these computers stored? Who else has access to them? Is there a contract cleaning crew coming through the office? Have the backgrounds of their employees been checked? Is this computer on a network?
What is the policy for storing these emails and deleting them? Are they being backed up by some archiving process on the mail server?
What steps happen to the email that gets delivered to the mail server before reaching an end user's computer?
Why can't people wrap their head around how much is at stake with someone else's credit card information?
Be safe... do things right... don't try to be clever about security unless you are in fact an expert. Hash encryption has a place but it isn't for emailing credit card information. Leave this to professionals.
[edited by: Demaestro at 9:23 pm (utc) on July 20, 2007]
but requires more "work" for a client to retrieve the info than a secure CC processing system
Note: I am not endorsing this method. Just pointing it out as a somewhat secure and easy workaround.
To me it's not worth risking the loss of a merchant account just so I can be stingy about security and in the process open myself to more legal exposure from aggrieved [former] customers.