Re: Credit card arrangement
This WebDNA talk-list message is from 2005
It keeps the original formatting.
numero = 63529
interpreted = N
texte = Boy, Bob. I didn't know you have to deal with the HIPAA too. Are you =dealing with healthcare clients?We have "intelligence" system to process payment without storing the =card at site. It will be clean with HIPAA. It is not AuthorizeNet.If you are interested, we can talk offline.Bess-----Original Message-----From: WebDNA Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf OfBob MinorSent: Wednesday, November 30, 2005 4:13 PMTo: WebDNA TalkSubject: Re: Credit card arrangementThey wanna audit it as well. Use to be they controlled the software =20etc. Now there are so many hands in the cookie jar, I have to store =20it, my customer has to store it. We have had to go through numerous =20network audits its not funny.We had a special device that cloaked our network, no one could tell =20if a machine had open ports or not. We watched and maintained =20honeypots etc. Well the credit card companies came in and said hey =20all your stuff is vulnerable to attack. We no its not, we just dont' =20let the outside world know what we are doing period. They made us put =20in a visible and therefore more vulnerable firewall so that they =20could see what we were doing to protect our network and the hosting/=20colocation customers.I think what they are doing is ultimately the right thing. I would =20much prefer not to hold the CC at all or if I do on a machine that is =20firewalled from the internet. I just don't want some wanker coming in =20making us look bad by stealing all our credit card data. You can only =20imagine the lawsuits that could result if you didn't take reasonable =20efforts to secure the data.Now don't even get me started on the HIPAA crap!On Nov 30, 2005, at 5:20 PM, Bess Ho wrote:> I think Pat is concerned about storing card whenever it is encryped =20> or not. So many new rules from visa and mastercard esp this year.-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list
.To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to =Web Archive of this list is at: http://webdna.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
Boy, Bob. I didn't know you have to deal with the HIPAA too. Are you =dealing with healthcare clients?We have "intelligence" system to process payment without storing the =card at site. It will be clean with HIPAA. It is not AuthorizeNet.If you are interested, we can talk offline.Bess-----Original Message-----From: WebDNA Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf OfBob MinorSent: Wednesday, November 30, 2005 4:13 PMTo: WebDNA TalkSubject: Re: Credit card arrangementThey wanna audit it as well. Use to be they controlled the software =20etc. Now there are so many hands in the cookie jar, I have to store =20it, my customer has to store it. We have had to go through numerous =20network audits its not funny.We had a special device that cloaked our network, no one could tell =20if a machine had open ports or not. We watched and maintained =20honeypots etc. Well the credit card companies came in and said hey =20all your stuff is vulnerable to attack. We no its not, we just dont' =20let the outside world know what we are doing period. They made us put =20in a visible and therefore more vulnerable firewall so that they =20could see what we were doing to protect our network and the hosting/=20colocation customers.I think what they are doing is ultimately the right thing. I would =20much prefer not to hold the CC at all or if I do on a machine that is =20firewalled from the internet. I just don't want some wanker coming in =20making us look bad by stealing all our credit card data. You can only =20imagine the lawsuits that could result if you didn't take reasonable =20efforts to secure the data.Now don't even get me started on the HIPAA crap!On Nov 30, 2005, at 5:20 PM, Bess Ho wrote:> I think Pat is concerned about storing card whenever it is encryped =20> or not. So many new rules from visa and mastercard esp this year.-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to =Web Archive of this list is at: http://webdna.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
"Bess Ho"
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
[accountNum] and [math] (1997)
long list formatted in a table (2004)
Searching a database... (2003)
Finding max value for a field (1997)
Setting up WebCatalog with Retail Pro data (1996)
[WebDNA] [OT] Steve Jobs (2011)
The beginning (1997)
[quantity] solved (1997)
Problem with version 4 browsers (1998)
MATH PROBLEM (1997)
WebCat2b15MacPlugIn - [authenticate] not [protect] (1997)
RAM variables (1997)
Re:quit command on NT (1997)
Umm...about those log files? (Off Topic) (1997)
Dynamic Generation of PDFs? (2003)
ShowNext (1997)
Secure Server not remembering discounts (1998)
WebCatalog for guestbook ? (1997)
Just a thought (1998)
Pipes instead of tabs (1998)