FP Form Properties and SSL Security


O

OC

I use FP2000 to manage the website for our local Red Cross chapter -
www.coastalscarc.org. It's currently hosted on the National ARC servers, but
they are considering moving it to a commercial host, in order to get
increased capabilities. Their primary interest is being able to accept
online credit card donations. I can use the commercial host's shared SSL
server and build a form to collect the appropriate info. Using the FP
extensions, I can then save the data to a text file; ie,
_private/..../scarc.txt. This data would be retrieved by FTP.

My question(s) - From an expert's point of view (that's you <G> ), does that
provide adequate credit card security? If yes, how do I also provide them
email notification that a donation form has been submitted, without
including the credit card data in the email? If that is not adequate
security, any alternate recommendations? We have already discussed PayPal,
but their board is not comfortable with that option..

Thanks for your help.
 
Ad

Advertisements

T

Thomas A. Rowe

The credit card info should never stored on the server. Consider use a pre-written shopping cart
application.

You could also stay on your current host and use PayPal.

--
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
==============================================
If you feel your current issue is a results of installing
a Service Pack or security update, please contact
Microsoft Product Support Services:
http://support.microsoft.com
If the problem can be shown to have been caused by a
security update, then there is usually no charge for the call.
==============================================
 
O

OC

Thanks for the feedback, I appreciate the guidance. A priority of the
chapter is minimizing costs, and the commercial hosts adds fees for their
shopping cart. Does the PGP application provide an acceptable alternative,
delivering the credit card <form> info by encrypted email? Thanks again for
your help.
 
Ad

Advertisements

T

Thomas A. Rowe

PGP will cost the organization money, consider using PayPal, as they have a donation function, then
you can avoid the need to have a SSL certificate on your site, unless you have other function that
request info the need to secure, which if you do should be in the organization name, not a shared
one.

--
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
==============================================
If you feel your current issue is a results of installing
a Service Pack or security update, please contact
Microsoft Product Support Services:
http://support.microsoft.com
If the problem can be shown to have been caused by a
security update, then there is usually no charge for the call.
==============================================
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top