[Previous] [Next] [Index]
[Thread]
Re: Credit Card Security
On Apr 20, 7:24, Prentiss Riddle wrote:
> Subject: Re: Credit Card Security
>> From owner-www-security@ns2.rutgers.edu Thu Apr 20 00:51:44 1995
>> Date: Wed, 19 Apr 1995 18:00:25 -0500
>> To: www-security@ns1.rutgers.edu
>> From: ksaxe@midwest.net (Kent Saxe)
>> Subject: Credit Card Security
>>
>> I was wondering if you could reccomend a security program for a WWW site
>> that will have credit card numbers entered in it. Please respond!
>
>While we wait for the web community to agree on a bulletproof standard
>(and for the holes in X and Unix and all of our LANs to be plugged as
>well), here's an approach that I like:
>
>The InfoSeek service (http://www.infoseek.com/Home) has a
>telephone-based system for reporting credit card numbers. The user
>dials an 800 number and is prompted to enter a credit card number on
>the touch-tone pad; the system responds with a six-digit code which the
>user then enters into a WWW form. The credit card number itself never
>goes over the IP network. Assuming that the six-digit numbers are only
>usable once, this setup should be pretty secure from network-based
>attacks.
So now you trust some 800 # eh?
The model that still works best for me is http:/www.fv.com/tech
--
Cheers!
[ psr ]
Follow-Ups:
References: