/    Sign up×
Community /Pin to ProfileBookmark

SSL Session Security

Copy linkTweet thisAlerts:
Mar 19.2010

I am building an online store for my company. Customer are able to buy one of our products from our website where we charge there credit card. We have purchased and installed an SSL cert on the server through our ISP. What I am wondering is that I store the credit card, expiration date and CVV code in a session variable to transfer to the script that sends the information to the merchant gateway. My question is, that if all this is happening on the secure https pages, how much risk is there of session hijacking and someone getting a customers CC information?

to post a comment
PHP

1 Comments(s)

Copy linkTweet thisAlerts:
@tirnaMar 19.2010 — If you are concerned about your legal liabilities if someone steals credit card and other personal information for which you are responsible for storing securely, then another option could be to use PayPal to process your customers' online payments.

If you like have a look at the info on how to integrate PayPal into you website at:

[URL]https://www.paypal.com/au/cgi-bin/webscr?cmd=_wp-standard-overview-outside[/URL]

1) You can use your own customised shopping cart or Paypal's shopping cart.

2) When your visitor wants to checkout, the details in their shopping cart along with any other details you choose are sent to Paypal's secure online payment page where the shopper will have the option to use their credit card or paypal account to make their payment.

3) Paypal then handle the online payment and credit your Paypal account with the payment.

4) You have the option to customise the Paypal payment pages to include your company logo and background colours so that they maintain at least to some extent the look and feel of your website.

5) When the shopper has finished their online payment you have the option to have paypal send them back to a 'Thank You' or whatever page on your website.

I've integrated Paypal into some online stores I have built using my own shopping cart and the Paypal online payment option works well.

[B]Using Paypal, you don't have to worry about storing shoppers' credit card details.[/B]

Anyway, just food for thought. ?
×

Success!

Help @themonkey40 spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.18,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...