One thing I dont think will scale well is the use of a human to aprove the addition of new credit card customers.
What would you do if you've got a high transaction site with people wanting to spend their money right away? If you have a human aproving the credit card before use, you'll get too much lag and people will go elsewhere (I would).
I'm assuming you'll be doing this to protect yourself against fraud - what'll happen if a person gets their cc stolen, and needs to add another card? They'll have to "re-apply" and wait another period of time until their application is processed. IMHO I reckon you can automate all this. It will save lots of time and money. Check out www.amazon.com they do (at the front end) what I personally think is a good method of handling cc transactions.
Otherwise I think if you store the priv key "offline", perhaps on a private network somewhere behind your font end, and have a seperate machine to handle your ecommerce gateway (and only your ecomm machine can access your private key machine), you could be fine.
I havent had any real good commercial experience in ecommerce systems (yet), but the above sounds kinda logically secure - I wouldnt mind seeing what other people have to say.
In reply to Re: Strong Encryption
by Ryszard
in thread Strong Encryption
by Anonymous Monk
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |