[thelist] I can't believe what I just read....
Lumir G Janku
lgjanku at w3matrix.com
Fri Oct 20 04:22:50 CDT 2000
matt warden wrote:
>There are ways to be more secure... mainly by not involving the client in
>the verification process. In other words, client to web server to
>verification server back to the web server and back to the client with the
>response. Here, we have the client directly interacting with the
>verification server, which seems like just the easy way out.
You got a point. There are actually several ways, as VeriSign is
concerned, for information processing.
The "easy-way-out" Is called Link Point. That's the scenario that I was
taking about, at it is meant to be for small sites with less than $3000 in
transactions per month. Needless to say that VeriSign uses in their setup
proxy servers, so the client does not interact directly with the
verification server. The result is also passed through a proxy server
either to the client and /or optionally to the merchant web server that can
then process the information depending on the result.
Other option is their SDK that has quite a bit of flexibility as the setup
is concerned and the information can be passed silently between the web
server and the processing gateway. Other than that, they have integratrion
packages for most OS and major cart software.
More information about the thelist
mailing list