Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment Re:You need to store something for monthly billing (Score 2, Insightful) 141

Reason to store Card Info: The customer WANTS them too. I'm sure by now you've come across an online store that ASKED if you wanted them to save it for next time. I use this with Dell and New Egg. If they don't ask then it's a problem, but for everyone else it's the CUSTOMER'S responsibility to make the decisions as to whether or not they trust the company.

Reason to be connected to the intarweb: They PROCESS the cards online (via authorize.net, for example).
I write e-commerce apps for a living. My usual policy (unless the clients demands something else) is to take the card numbers, save them encrypted in a database, wait until a store employee reviews their order to make sure it is okay to ship, charge the card (via authorize.net), ship it, close the order and delete the security code, expiration date, and all but the last 4 digits of the card number.

Thus if (god forbid) someone were to break in the only card numbers they would have access to are orders which have been placed but not shipped yet, and even those would be encrypted unless they also got the encryption key. It's quite likely that an order will be shipped within an hour of it being placed, so the risk involved is almost nothing.

There will always be risk involved, no matter how secure you build a system (or ignorantly THINK you have). Deciding whether or not to allow a company to save your card info is simply saying how much risk you are willing to take.
Portables (Apple)

Submission + - waterproofed iPod

ottoveblin writes: "SwimMan inc. has created the world's first 100%waterproofed iPod. That means no box or case of any kind. Just you and your shuffle and the water. There's already 10 million Gen2 shuffles out there. The realization that they come in WATERPROOF of NOT is bound to shift the market. the release and info can be seen at: swimman.com/release.html thanks"
Security

Submission + - Skype's BIOS Reading Process Part of DRM

Juha-Matti Laurio writes: "An official statement related to Skype's feature to read motherboard serial number on every startup has been released. The Chief Security Officer of the company states that the software in use 'includes a form of digital rights management functionality intended to protect commercial software, such as plug-ins, from illegal redistribution or unlicensed use.' Additionally, the newest Skype version 3.0.0.216 (released this week) no longer attemps to read the serial number. Conspiracy theories about generating an individual encryption key or tracking the users are not needed any more."

Slashdot Top Deals

"Marriage is like a cage; one sees the birds outside desperate to get in, and those inside desperate to get out." -- Montaigne

Working...