Re: Credit card arrangement

This WebDNA talk-list message is from

2005


It keeps the original formatting.
numero = 63529
interpreted = N
texte = Boy, Bob. I didn't know you have to deal with the HIPAA too. Are you = dealing with healthcare clients? We have "intelligence" system to process payment without storing the = card at site. It will be clean with HIPAA. It is not AuthorizeNet. If you are interested, we can talk offline. Bess -----Original Message----- From: WebDNA Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf Of Bob Minor Sent: Wednesday, November 30, 2005 4:13 PM To: WebDNA Talk Subject: Re: Credit card arrangement They wanna audit it as well. Use to be they controlled the software =20 etc. Now there are so many hands in the cookie jar, I have to store =20 it, my customer has to store it. We have had to go through numerous =20 network audits its not funny. We had a special device that cloaked our network, no one could tell =20 if a machine had open ports or not. We watched and maintained =20 honeypots etc. Well the credit card companies came in and said hey =20 all your stuff is vulnerable to attack. We no its not, we just dont' =20 let the outside world know what we are doing period. They made us put =20 in a visible and therefore more vulnerable firewall so that they =20 could see what we were doing to protect our network and the hosting/=20 colocation customers. I think what they are doing is ultimately the right thing. I would =20 much prefer not to hold the CC at all or if I do on a machine that is =20 firewalled from the internet. I just don't want some wanker coming in =20 making us look bad by stealing all our credit card data. You can only =20 imagine the lawsuits that could result if you didn't take reasonable =20 efforts to secure the data. Now don't even get me started on the HIPAA crap! On Nov 30, 2005, at 5:20 PM, Bess Ho wrote: > I think Pat is concerned about storing card whenever it is encryped =20 > or not. So many new rules from visa and mastercard esp this year. ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to = Web Archive of this list is at: http://webdna.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Credit card arrangement ( Scott Szretter 2005)
  2. Re: Credit card arrangement ( Patrick McCormick 2005)
  3. Re: Credit card arrangement ( Patrick McCormick 2005)
  4. Re: Credit card arrangement ( "Bess Ho" 2005)
  5. Re: Credit card arrangement ( Bob Minor 2005)
  6. Re: Credit card arrangement ( Dale-List 2005)
  7. Re: Credit card arrangement ( Donovan Brooke 2005)
  8. Re: Credit card arrangement ( Donovan Brooke 2005)
  9. Re: Credit card arrangement ( Bob Minor 2005)
  10. Re: Credit card arrangement ( "Bess Ho" 2005)
  11. Re: Credit card arrangement ( Donovan Brooke 2005)
  12. Re: Credit card arrangement ( "Bess Ho" 2005)
  13. Re: Credit card arrangement ( Donovan Brooke 2005)
  14. Re: Credit card arrangement ( Donovan Brooke 2005)
  15. Re: Credit card arrangement ( "Bess Ho" 2005)
  16. Re: Credit card arrangement ( Patrick McCormick 2005)
  17. Re: Credit card arrangement ( Marc Thompson 2005)
  18. Re: Credit card arrangement ( Donovan Brooke 2005)
  19. Re: Credit card arrangement ( Bob Minor 2005)
  20. Re: Credit card arrangement ( Marc Thompson 2005)
  21. Re: Credit card arrangement ( Donovan Brooke 2005)
  22. Credit card arrangement ( Patrick McCormick 2005)
Boy, Bob. I didn't know you have to deal with the HIPAA too. Are you = dealing with healthcare clients? We have "intelligence" system to process payment without storing the = card at site. It will be clean with HIPAA. It is not AuthorizeNet. If you are interested, we can talk offline. Bess -----Original Message----- From: WebDNA Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf Of Bob Minor Sent: Wednesday, November 30, 2005 4:13 PM To: WebDNA Talk Subject: Re: Credit card arrangement They wanna audit it as well. Use to be they controlled the software =20 etc. Now there are so many hands in the cookie jar, I have to store =20 it, my customer has to store it. We have had to go through numerous =20 network audits its not funny. We had a special device that cloaked our network, no one could tell =20 if a machine had open ports or not. We watched and maintained =20 honeypots etc. Well the credit card companies came in and said hey =20 all your stuff is vulnerable to attack. We no its not, we just dont' =20 let the outside world know what we are doing period. They made us put =20 in a visible and therefore more vulnerable firewall so that they =20 could see what we were doing to protect our network and the hosting/=20 colocation customers. I think what they are doing is ultimately the right thing. I would =20 much prefer not to hold the CC at all or if I do on a machine that is =20 firewalled from the internet. I just don't want some wanker coming in =20 making us look bad by stealing all our credit card data. You can only =20 imagine the lawsuits that could result if you didn't take reasonable =20 efforts to secure the data. Now don't even get me started on the HIPAA crap! On Nov 30, 2005, at 5:20 PM, Bess Ho wrote: > I think Pat is concerned about storing card whenever it is encryped =20 > or not. So many new rules from visa and mastercard esp this year. ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to = Web Archive of this list is at: http://webdna.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ "Bess Ho"

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

The IBC root beer has arrived! (1997) [searchString] (1997) Items XX to XX shown (1997) WCS Newbie question (1997) [WebDNA] To Flush, to commit or to...? (2014) OT - royalty free images (2002) loops (2000) Configuring E-mail (1997) restart needed???? (1997) [WebDNA] What Webcatalog with Itools?? (2008) Speed Optimization - Mac (1997) using showpage and showcart commands (1996) WebCatalog can't find database (1997) 2.0 Info (1997) Storebuilder, Smith-Micro Tech Support (2000) HTML Mail & Line breaks... (2004) New Plug-in and Type 11 errors (1997) WebCat2b15MacPlugin - showing [math] (1997) Webcat 2.0.1 date math bug -> Crash! (1997) Summary: Webmerchant quitting (1998)