There is no real need to store a users credit card details. Here in Australia there is a very good payment gateway that will process refunds by suppling the merchant number and the receipt number that was issued. Therefore the responsibilty for security lies with the gateway, which would not last too long if it was breeched. IMHO too many companies dont take security seriosly when it comes to their websites, most small websites are constructed for very little, if you consider how much is spent on their internal systems, and will only pay minimal charges to host their sites. Not much of a saving if they are breeched and make the news.
Slashdot Mirror
There is no real need to store a users credit card details. Here in Australia there is a very good payment gateway that will process refunds by suppling the merchant number and the receipt number that was issued. Therefore the responsibilty for security lies with the gateway, which would not last too long if it was breeched. IMHO too many companies dont take security seriosly when it comes to their websites, most small websites are constructed for very little, if you consider how much is spent on their internal systems, and will only pay minimal charges to host their sites. Not much of a saving if they are breeched and make the news.
$0.02 worth