Why You Should Never See a Credit Card
1 Comment » comment(s)
Back when I did my first startup, we were pretty hardcore about data privacy. We had an overpriced SSL certificate, we encrypted credit cards and other customer data, encoded our PHP code with Zend Encoder, and disallowed SSH connections except from specific IPs. We were in charge of security.
Nowadays, PCI Compliance is the boss. If you store or transmit credit card information in your organization or site, you will have to conform to the PCI DSS rules in order to do business.