I need to collect course registrations, with cc info, via an ASP
registration form that would operate under SSL. The order info would be
stored in a database that resides outside of the public web directory.
If I write a password protected utility that runs under SSL that allows
the person processing orders to view/print records in this database
under SSL so they can be manually processed, and after printing delete
the cc number in the db, realistically, how secure is this? Host won't
let me use PGP. They don't want to use Paypal, and can't get an online
merchant account because they're considered a high risk business
(travel). What other options do I have? Thanks.
