Why store the data at all though? On the system I'm working on the Java agent communicates over a URLConnection with a 3rd party gateway which returns a success/failure message and all happens over an SSL connection. No need to store the cc number at all. Passes the responsibility for PCI compliance to somebody else.
Why store the data at all though? On the system I'm working on the Java agent communicates over a URLConnection with a 3rd party gateway which returns a success/failure message and all happens over an SSL connection. No need to store the cc number at all. Passes the responsibility for PCI compliance to somebody else.