Hi,
I'm building an auction website that charge small fee for each bid. There is option to buy bank of bids, and there is an option to pay separately for each bid.
When paying for each bid - I don't want to ask the user to re-enter the credit card info each time. On the other hand I'm surely don't want to store the credit card info on DB and I have read that it is not safe to save it as session variable, not to mention cookies.
The client credit card processing company can't store the credit info either. All cc info is entered by user under SSL of course.
So, is it even possible ? Is there a safe (/safer) way to store the cc info in the session ?
Thanks