We just completed functionality testing of our new e-commerce site and going to launch.We are accepting credit card payments. I'm really concerned about it's security.What are the precautions to be taken? I'm not so good at web security. Please advice.
Asked
Active
Viewed 189 times
-2
Harikrishnan
- 452
- 1
- 5
- 18
-
6I'm glad that you are at least concerned about security, but for the love of all that is holy, **HIRE A PROFESSIONAL SECURITY CONSULTANT**. I'm not trying to offend you or be rude, but there is no other practical alternative if your going to be handling other peoples money. – NULLZ Aug 30 '13 at 07:14
-
2Use an existing payment service provider to handle taking card details; keep them out of your own systems at all costs. – bobince Aug 30 '13 at 08:38
-
> Use an existing payment service provider +1 – that guy from over there Aug 30 '13 at 14:21
1 Answers
5
Yeah.... you don't do something like that yourself when "I'm not so good at web security." Have a look at PCI-DSS and the horrible horrible things that you can be liable for if you don't do things properly.
Instead, you should use something like Authorized.net to take care of handling that part for you.
Also, I really hope that you are using an existing e-commerce solution instead of writing your own. The amount of things that you can screw up when you have no idea what you are doing is so scary it's not even funny.