• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 244
  • Last Modified:

Credit card security

How can i send securely Credit card information to the server after form submisson using ColdFusion?
Is it necessary to have SSL installed on the server?
Where can i get information regarding?
Is there any custom tag that securely sends Credit card information to the server? Pl. help...
0
manoher
Asked:
manoher
  • 5
  • 2
  • 2
  • +3
1 Solution
 
TEFKASGCommented:
>>Is it necessary to have SSL installed on the server?

  Actally that's all you need as far as I know.  I don't know if Cold Fusion has any special tags for it, as I haven't had to use any.  :>)
0
 
TEFKASGCommented:
Also they can send you load of info on web business security.  :>)
0
Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

 
TEFKASGCommented:
Here for the gerneral site overview:

https://www.verisign.com/
0
 
TEFKASGCommented:
0
 
meverestCommented:
for ssl, don't overlook www.thawte.com - in many cases cheaper, in some cases easier, and just the same result.

for credit card processing, you could also look at a solution like this: www.xilo.com/veripay - that is one for australian $$ - not sure of any in other currencies.

cheers.

0
 
meverestCommented:
oh - what i meant to say about that veripay service is that if you use something like that, you don;t even need SSL coz the system provides SSL already.

cheers.
0
 
jimmy282Commented:
what about autorize.net

their website is http://authorizenet.com

Jimmy
0
 
cheekycjCommented:
SSL is not something you should purchase from a third part.. your web service provider should already have it.

The setup process should be...
your billing form doesn't need to be but for user's piece of mind should be on SSL port.

The page that is submits to MUST be on SSL no matter what.

I also recommend authorize.net, mentioned by Jimmy.  I use them and they are very good.

CJ
0
 
cheekycjCommented:
FYI: SSL is encryption at the network layer.. so no sw or custom tags are needed... any and all information that is communicated over an SSL port is encrypted by the server and sent over.. so you don't have to worry about implementing an encryption scheme or using some encryption algorithm.

CJ
0
 
tionghoeCommented:
There are 2 parts to the issue. SSL encryption must be configured on the web server. Configurations include the encryption levels (128,56 or 40-bits encryption), the SSL port (normally is 443) to be used and which of the web directories is to use the SSL. You may need to have a SSL certificate installed on the web server. The SSL certificate may be purchased from a CA.
0
 
hansamryanCommented:
You might want to use an encryption method once it card is put into the DB, because sure the SSL encrypts it from the pc-->Server but from there its up for grabs.
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

  • 5
  • 2
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now