Retailers look to exorcise credit-card data

Retailers look to exorcise credit-card data
Robert Lemos, SecurityFocus 2007-10-09

Beset by the public-relations nightmare of numerous data breaches, U.S. retailers proposed last week that they not be required to store credit-card data following a transaction.

Re: Solid and practical 2007-10-23
Sandu Mihai

First of all, if a retailer is not storing anything (even the confirmation code and whatever other stuff) it will tend to relax his security practices on the idea: Oh, that golden data is at the uber-data-fortress, the bad guys won't hit me.

WRONG. If a hacked modifies the retailer's system to send...

[ more ]