Originally Posted by pspmodandcfw
Correct me if i'm wrong but isn't it illegal to store credit card information in plain text? Or is that just a security convention for the smaller programmers who makes ecommerce scripts and not people like paypal and google checkout etc?
there is no law regarding this.
Originally Posted by Kage
At least credit card information was encrypted.
the next question is how good the encryption is...
When anonymous hacked the hbgary federal site it turned out that their databases were encrypted, but getting passwords for users accounts wasn't as difficult as the system designers would have obviously liked it to have been