What needs SSL protection? Not how!

[ChrisKassa]

I am ready to go "live" with an OS Commerce store at http://www.harveyseasyliving.com

 

I have enabeled the credit card module. Everything works fine and is secure during the checkout process. I am concerned about the security of the data after the order is processed. Specifically:

 

Is the sql database secure?

I ask, because the credit card number is stored in the sql database. There is an option to "split" the credit card number, sending the inner 8 digits to the store owner, and the outer 8 digits get stored in the sql database. Is this more secure?

 

Are the emails that are sent secure?

My store owner wants to manually process the credit card info. So on order completion, I just want to send an email (preferably a secure email with the entire credit card number) to the owner so they can process the card. If that is possible, I would then prefer not to store the CC info in sql db at all.

 

Option 2 is to just split the CC number, send the email with inner 8 digits, save the outer 8 in sql db, and make the store owner log into admin and put 8 and 8 together to process the card.

Does this sound like an easier, more secure approach?

 

Please advise on these security concerns. Thank you in advance!

 

Chris