Log in

No account? Create an account

Tue, Jan. 8th, 2008, 02:20 pm
Tech question about website security and credit cards

Well here i am at my new job, i'm currently doing some self training with their training resources and a few questions have come up.

1. I know there are international requirments for capture and storage of credit card details on websites as outlined here http://en.wikipedia.org/wiki/PCI_DSS

What I would like to get is a link to a document that outlines the legal requirements of any australian company to follow these requirements.

2. Obviously all sites that capture information regarding a person i.e. there personal details and credit cards need to have an SSL Certificate. But is this enough? Is there another level of security that should be used on a site when capturing detais, credit card details in particular? Or is an SSL certificate enough?

If anybody can help that would be great.
(Deleted comment)

Tue, Jan. 8th, 2008 03:38 am (UTC)

yeah that stuff is outlined in PCI DSS spec but i need to see some sort of document that says it's an australian legal requirement. i've seen the doc before but I don't know where it is on line.

I'll check the visa/mc websites. Thanks! :-)

Thu, Feb. 7th, 2008 01:14 pm (UTC)

tag :)