Can I send CC #s via email? How do I secure them?

Forum Moderators: buckworks

Message Too Old, No Replies

Can I send CC #s via email? How do I secure them?

need to send confirm email to vendor with CC's, how?

mboydnv

5:27 am on Oct 26, 2004 (gmt 0)

I am starting a travel/tours business and am creating my own booking form I am a reseller of tours. The form then goes through the gateway via AIM and voila a voucher page with a confirmation # pops up in the browser.

My question is this, I need to send this info to my vendor via email. What do i do about the credit card #'s, my vendor needs those also. Am i allowed to send that via email? Is there a feature in the gateway processor that will send a copy of the info via email to my vendor in some secured format? How does that work? I'd hate to call in every cc # to my vendors throughout the days..

thank you!

Michael

Corey Bryant

3:40 pm on Oct 26, 2004 (gmt 0)

Email is very unsecure. You could use PGP to secure the emails. You might even need to become CISP compliant. Do your vendors have their own websites? You might even consider seeing if you can submit the credit card number to their websites as well

-Corey

robertito62

3:47 pm on Oct 26, 2004 (gmt 0)

If you know how to portforward you can create a tunnel and send all your email securely. You will need a shell client and your hosting service should provide you with ssh access.

mboydnv

11:33 pm on Oct 26, 2004 (gmt 0)

RE: If you know how to portforward you can create a tunnel and send all your email securely. You will need a shell client and your hosting service should provide you with ssh access.

do tell....more tech details..... =)

antirack

1:08 am on Oct 27, 2004 (gmt 0)

Email is not only insecure because you send it insecure on your side, it's also because once the mail left your server, it will stay insecure and get forwarded and routed by the mail server insecure again. On the recipient�s mail server or even the recipients desktop, the mails are stored insecurely.

PGP is therefore a very good option, because although the mails are still transferred insecurely, the actual content is encrypted.

You should be able to download a free PGP version (for "personal use") from pgp.com, or use one of the numerous other free open source versions that are compatible to the commercial one.

If your vendor takes their business seriously (and if they want to comply with the terms set out by Visa), they have to use PGP anyway. Visa doesn�t allow transmission and storage of credit cards in an insecure environment, this includes emails.