[thelist] Storing CC Information [was: Specific Ecommerce Requirements]

Hershel Robinson hershel at galleryrobinson.com
Tue Oct 17 12:36:55 CDT 2006

 >> But that's the answer--put in the MySQL DB. Many ecommerce packages 
do this by anyway--even if they do place the charge automatically at 
checkout time.
 > And they shouldn't.  You don't keep people's CC
 > numbers any longer than is absolutely necessary
 > (unless you want to comply with the processors'
 > data security reqs [tip: you don't] and/or get
 > ejected by your card company).

FWIW, this I received from a US lawyer:

Since you are not sharing or selling credit card information, there are
no specific restrictions or regulations concerning the storage of credit
card information that I could find, other than any requirements imposed
by your bank or credit card processor, which would be contractual.


Web Site Construction by Gallery Robinson

More information about the thelist mailing list