Re: Safe enough?

From: Tom Pepper Willett (tompepper@mvps.org)
Date: 03/25/03


From: "Tom Pepper Willett" <tompepper@mvps.org>
Date: Tue, 25 Mar 2003 12:25:30 -0600


You definitely need SSL certificate before you start taking credit card
numbers.

"MarkH" <markh@pe.net> wrote in message
news:a46792c9.0303251006.33d70570@posting.google.com...
| Newbi, so please bear with me.
|
| I maintain a website pro-bono for a Rotary non-profit organization.
| The website is hosted by a commercial ISP on W2k server, with FP2002
| extensions. I need to collect credit card info, but they cannot
| afford a SSL site. I have created a password protected Access db in a
| hidden folder. In my asp collection form, I use an algorithm to
| encrypt the cc# as it gets saved to the db - so the cc# is pretty safe
| there. What I am worried about is the sending of the number in clear
| text to the server. This is a short term need (4 months) with maybe
| 500 transactions. Any thoughts, suggestions, etc., would be helpful.