Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5

Thread: SSL

  1. #1
    Senior Coder
    Join Date
    Jun 2002
    Location
    ColoRockyz
    Posts
    1,649
    Thanks
    1
    Thanked 0 Times in 0 Posts

    SSL

    If I have my site SSL'd and post credit card info to a 3rd party processor also SSL'd, is it secure?

    Thanks
    Zoobie or not Zoobie...That is the problem.
    <body onUnload="flush( ! )">

  • #2
    Regular Coder
    Join Date
    Jun 2002
    Posts
    676
    Thanks
    1
    Thanked 0 Times in 0 Posts
    zoo...
    for some reason??? /me seems to just a think® thattt alll the info hasss to be just a transferred® via the same ssl...

    /me just a reminds® ya shes stilll not programmed to just a think® lol...

  • #3
    Senior Coder
    Join Date
    Jun 2002
    Location
    ColoRockyz
    Posts
    1,649
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Does anyone know what prompts if any the user gets when I send him from my SSL site to another SSL site on a different server?

    Thx
    Zoobie or not Zoobie...That is the problem.
    <body onUnload="flush( ! )">

  • #4
    Regular Coder
    Join Date
    Jul 2002
    Location
    Las Vegas, NV - USA
    Posts
    104
    Thanks
    0
    Thanked 0 Times in 0 Posts
    If you are talking about "bouncing" a user's browser session to a third party SSL server, then the prompts the user sees are 100% under the control of the third party processor.

    If you are talking about performing a server-to-server session from your server directly to the third party processor, then the prompts the user sees are 100% under your control -- the user's browser session never leaves your site.

    Security wise, either method can be made "secure enough" for e-commerce but a server-to-server link is more secure because it is less prone to various "spoofing" or "data doctoring" techniques used by fraudsters.

    With either method, the best advice I could give you is to not use any auto-close or auto-settle "features" to settle your transactions for clearing. Provided there are good security procedures in place for the auditing and submitting of transactions for settlement, then no matter what tricks or hacks fraudsters use on the front-end, you or the merchant will be able to stop the transactions before they go to interchange and the money is transferred.

    For more information, take a look at $$$ ON THE NET(tm) and the rest of our web site. Good luck in whatever you use...
    Last edited by Shift4Sms; 01-17-2003 at 07:52 PM.
    Steven Sommers (blog)
    Shift4 Corporation -- www.shift4.com

    Creators of $$$ ON THE NET(tm) payment processing services.

  • #5
    Senior Coder
    Join Date
    Jun 2002
    Location
    ColoRockyz
    Posts
    1,649
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Ok...I was just informed that my server actually doesn't have to be SSL'd to post creditcard info to a SSL'd server. I'm wondering if that's really true...
    Zoobie or not Zoobie...That is the problem.
    <body onUnload="flush( ! )">


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •