Hacker News
by boysabr3 3084 days ago
I think you have the answer already and IANAL but just to add on, in most countries this is a matter of PCI compliance that is enforced by the card networks. In most countries it's not a criminal offence to be PCI non-compliant (but you could be liable for civil suits and fines by the card schemes).

I imagine there's a clause in the PCI compliance rules that allows raw card numbers to be sent less securely if they are virtual + single use card numbers or maybe if the liability of fraud on those card numbers doesn't fall on the "original" card holders.