Storing Credit Card Data: an analysis
I had planned an entirely different post for today. In fact, I think I might have even promised a different post for today…but, everyone once in a while I read something that is so well thought out and researched that simply sharing via my shared items feed is wholly insufficient. Martin McKey at Network Security Blog made just such a post today.
Security is paramount.
What? That statement lacks context.
No. It doesn’t. It is not open for discussion. It is a truism.
In fact, industry shifts demonstrate this as a truism.
But, now is not the time for discussion of the importance of security, it is time to highlight an incredibly intelligent discussion of the dangers of storing consumer payment information.
Many of the merchants I’ve dealt with keep everything and I do mean everything. I’ve run into systems that have card numbers in their databases that date back to the first time they opened up an e-commerce site in the late 80’s.
Take time to read the entirety of the article. I don’t have much, at this point to add to the discussion (although I, not surprisingly, have strong feelings and recommendations). Rather, I highlight this post to draw attention to the issue.
Read, consider, grumble, learn, form an opinion, let me know what you think…
October 15, 2008