Welcome to WebmasterWorld Guest from 184.108.40.206
Forum Moderators: phranque
We're looking for the most simple solution here - they don't need to do any processing online because orders will be directed to 18 different franchise locations for processing.
I do, however, need to figure out how to send this sensitive info in a secure way. Is it possible to send it securely through email or is a database the only way?
I'm no expert on this stuff, but two things come to mind
you may want to consider. Maybe doing a secure
copy (i.e. scp in unix) file transfer or other type
of "secure FTP".
One can use PGP to encrypt the data, then send over
whatever unsecure channel you want, making sure
the person at the other side checks the hash to be
sure the data wasn't modified. Folks use PGP like
this to send encrypted messages via e-mail.
Basically, AFAIK there are two approaches. First,
you can have an encrypted "channel/pipe" you send
a message through that others can't read. Second,
you encrypt the data transmitted -- and don't care
if the "channel/pipe" is encrypted.
Whatever one chooses of course, both the sender and recipient
simply need a step by step procedure to encrypt/decrypt
the data in an automated fashion.
Hope something in the above is helpful.
even if you were to set up 17 online processing accounts it'll still make life easier than having to store and transmit card numbers with 17 PGP keys.