[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Credit card
- Subject: Re: [cobalt-security] Credit card
- From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
- Date: Wed, 15 May 2002 06:44:16 -0700
- Organization: nobaloney.net
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
duncan gray wrote:
> Do the credit card
> companies say you cant do this sort of thing? is it chiseled out in
> stone somewhere?
At least as of yet the Credit Card issuers have NOT told us HOW to
secure our credit card information, though some are beginning to ASK.
> I'm sure holding CC details on the server would be
> more secure then the office next door, where all some one has to do is
> brake a window(ok yeah just an example), take the reciepts. etc.
While we use a third-party gateway to process credit cards, we do end up
with some credit card numbers. They're secured in a virtual drive
created by a jetico.sci.fi (see my previous post in this thread), on a
protected system behind a firewall.
> Or just look over someones shoulder when they are making a payment
> somewhere.
It's not really about physical security so much as risk and perceived
security. I stand by statements I've been making for years that your
credit card is more secore (in general) on the 'net than it is in a
restaurant when you give it to that 20yo waiter/waitress who just
started working a the local coffee check with no background check.
But I still don't want to end up on the six-o'clock news.
Jeff
--
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA 92517
voice: (909) 778-9980 * fax: (702) 548-9484