liamloveslearning Posted April 23, 2010 Share Posted April 23, 2010 Hi everyone, Im building a website for a client where they will need to store bank details of their clients, Im quite naive on this matter and so im quite uneasy doing this. If anything was to go wrong, who would be held reliable? me the coder? or the client? Ive read that my client will need to register with the data protection act, but will the bank details need to be encrypted even if its using an ssl cert? Quote Link to comment Share on other sites More sharing options...
fanfavorite Posted May 7, 2010 Share Posted May 7, 2010 Is there a reason you are doing this? What I recommend is finding a merchant provider that gives you confirmation codes that you could use to bill an account. That way all the information is stored with the merchant provider. Then in the clients site you could store things like the last 4 digits of the credit card or some details that if found can't be used. If you really have to store information, you need to make sure you have extremely secure machines, with very limited access for anyone. This even means hosting companies and their employees. You pretty much need to have an on premise machine that is highly secure. Quote Link to comment Share on other sites More sharing options...
fanfavorite Posted May 7, 2010 Share Posted May 7, 2010 Also, as for the encryption, everything needs to be encrypted. If someone did get access, you don't want them to be able to directly see all the bank information. It is another form of security. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.