Accepting bank account information in a form

Posted by jeffthink on Stack Overflow See other posts from Stack Overflow or by jeffthink
Published on 2010-04-17T18:20:01Z Indexed on 2010/04/17 18:23 UTC
Read the original article Hit count: 260

Filed under:
|
|
|

What security concerns are there when accepting a user's bank account information (account number and routing number) via a form on a page that is using SSL, and posting it back to the server where I then curl off a HTTPS request to send that information to an ACH service like First ACH or ACH Direct via their API?

We wouldn't be saving the bank account information in our database. I know another option is to use Paypal's Mass Pay API, but they think it's unprofessional (at least for their business) to require customers to have a paypal account to get paid.

Thoughts?

© Stack Overflow or respective owner

Related posts about security

Related posts about ssl