Not sure how to best secure

[blainehilton]

I have a client that has OSC 2.1 installed with 2checkout and PayPal. She is not happy with the 2checkout and wants to switch to having a secure site and process the credit cards herself with a card machine. Currently I have it setup so they go off to the secure 2checkout page to enter their credit card info.

 

What I'm planning to do is first upgrade to 2.2 and then buy a security certificate from GeoTrust. After setting up the secure site I was going to use the contribuation to email the CC# encrypted through GPG.

 

Do you think this would be the best way? I know I shouldn't have the credit card numbers stored on the database. Any suggestions would be appreciated.

[hobbzilla]

.. and then buy a security certificate from GeoTrust.

I would look at http://www.instantssl.com instead. GeoTrust isn't compatible with base install of win98SE. Plus it offers more for less.

 

Do you think this would be the best way?

 

Personally would go with an automatic processesor like Authorize.net or similiar if you are going to get a Merchant account anyway (required for POS terminals anyway).