Re: Credit card arrangement
This WebDNA talk-list message is from 2005
It keeps the original formatting.
numero = 63529
interpreted = N
texte = Boy, Bob. I didn't know you have to deal with the HIPAA too. Are you =dealing with healthcare clients?We have "intelligence" system to process payment without storing the =card at site. It will be clean with HIPAA. It is not AuthorizeNet.If you are interested, we can talk offline.Bess-----Original Message-----From: WebDNA Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf OfBob MinorSent: Wednesday, November 30, 2005 4:13 PMTo: WebDNA TalkSubject: Re: Credit card arrangementThey wanna audit it as well. Use to be they controlled the software =20etc. Now there are so many hands in the cookie jar, I have to store =20it, my customer has to store it. We have had to go through numerous =20network audits its not funny.We had a special device that cloaked our network, no one could tell =20if a machine had open ports or not. We watched and maintained =20honeypots etc. Well the credit card companies came in and said hey =20all your stuff is vulnerable to attack. We no its not, we just dont' =20let the outside world know what we are doing period. They made us put =20in a visible and therefore more vulnerable firewall so that they =20could see what we were doing to protect our network and the hosting/=20colocation customers.I think what they are doing is ultimately the right thing. I would =20much prefer not to hold the CC at all or if I do on a machine that is =20firewalled from the internet. I just don't want some wanker coming in =20making us look bad by stealing all our credit card data. You can only =20imagine the lawsuits that could result if you didn't take reasonable =20efforts to secure the data.Now don't even get me started on the HIPAA crap!On Nov 30, 2005, at 5:20 PM, Bess Ho wrote:> I think Pat is concerned about storing card whenever it is encryped =20> or not. So many new rules from visa and mastercard esp this year.-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list
.To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to =Web Archive of this list is at: http://webdna.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
Boy, Bob. I didn't know you have to deal with the HIPAA too. Are you =dealing with healthcare clients?We have "intelligence" system to process payment without storing the =card at site. It will be clean with HIPAA. It is not AuthorizeNet.If you are interested, we can talk offline.Bess-----Original Message-----From: WebDNA Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf OfBob MinorSent: Wednesday, November 30, 2005 4:13 PMTo: WebDNA TalkSubject: Re: Credit card arrangementThey wanna audit it as well. Use to be they controlled the software =20etc. Now there are so many hands in the cookie jar, I have to store =20it, my customer has to store it. We have had to go through numerous =20network audits its not funny.We had a special device that cloaked our network, no one could tell =20if a machine had open ports or not. We watched and maintained =20honeypots etc. Well the credit card companies came in and said hey =20all your stuff is vulnerable to attack. We no its not, we just dont' =20let the outside world know what we are doing period. They made us put =20in a visible and therefore more vulnerable firewall so that they =20could see what we were doing to protect our network and the hosting/=20colocation customers.I think what they are doing is ultimately the right thing. I would =20much prefer not to hold the CC at all or if I do on a machine that is =20firewalled from the internet. I just don't want some wanker coming in =20making us look bad by stealing all our credit card data. You can only =20imagine the lawsuits that could result if you didn't take reasonable =20efforts to secure the data.Now don't even get me started on the HIPAA crap!On Nov 30, 2005, at 5:20 PM, Bess Ho wrote:> I think Pat is concerned about storing card whenever it is encryped =20> or not. So many new rules from visa and mastercard esp this year.-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to =Web Archive of this list is at: http://webdna.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
"Bess Ho"
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
The IBC root beer has arrived! (1997)
[searchString] (1997)
Items XX to XX shown (1997)
WCS Newbie question (1997)
[WebDNA] To Flush, to commit or to...? (2014)
OT - royalty free images (2002)
loops (2000)
Configuring E-mail (1997)
restart needed???? (1997)
[WebDNA] What Webcatalog with Itools?? (2008)
Speed Optimization - Mac (1997)
using showpage and showcart commands (1996)
WebCatalog can't find database (1997)
2.0 Info (1997)
Storebuilder, Smith-Micro Tech Support (2000)
HTML Mail & Line breaks... (2004)
New Plug-in and Type 11 errors (1997)
WebCat2b15MacPlugin - showing [math] (1997)
Webcat 2.0.1 date math bug -> Crash! (1997)
Summary: Webmerchant quitting (1998)