I like the idea of single serial cable with only write access (no read) to the CC Processor and that the CC Processor is not on the network.

Also some care should probably be taken that any variables used to store the CC info en route from CGI app to CC Processor should be nullified after the CC info has been passed along. If someone breaks into your webserver and gets root they could dump memory to core and possibly pick up CC numbers that way. Something to think about.

metadoktor

"The doktor is in."