Posted by Robert G Laurin on January 21, 2010 at 04:59:38:
In Reply to: ODBC Driver posted by Robert G Laurin on January 19, 2010 at 10:48:58:
Oh my!
On checking what's displayed on the OdbcDrv, I (or anyone else) can actually see the connection information - including the login/password in clear text. That is on top of the already showing encryption keys.
That means that no matter what kind of protection I try to put in, my security data is exposed!!
I am sorry to report that Comet is definitely NOT compliant with PCI DSS requirements. The whole exercise is to get credit card data properly protected.
Has anyone successfully passed the PCI audit while using Comet?
FYI PCI DSS stands for Processing Card Industry Data Security Standards
Each file can be a maximum of 1MB in length Uploaded files will be purged from the server on a regular basis.