Hacker News new | ask | show | jobs
by drndown2007 5549 days ago
As I mentioned above, Authorize.Net's CIM (Customer Information Manager) works in a similar way -- you send the credit card info from your website to Authorize.net (and never store it in between) and you get a token back which you can store, and which you can use to make charges later.
1 comments
MichaelGG 5549 days ago
But if the CC info ever hits your server, your server, apps, etc. fall into scope. Not storing it just gets you out of a small part of PCI.
link