Hi guys, I am an IT placement student with a company coming to the end of my year. The exciting prospect of being employed by this company has came up for the time between when I finish as a student and beginning my final year at university.

The task that will need to be done is to set up a form using asp that will process direct debit details. I can happily use forms to transfer information between scripts and communicate with servers. I want to know what the procedure is for transmitting this information securely.

It has not been decided yet if the database which contains this information will be kept on an internal server or hosted externally. I have tried googling answers but I have been unable to find anything useful.

What security issues should be taken into account when a user is entering and submitting their bank account details?

Will they need to be encrypted in some way?

Is the best course of action to get in touch with the company that will be processing the direct debits and requesting the use of a dummy server that will be able to receive information I send and respond accordingly?


Hi David,

You may want to look into "PCI" standards (Search for: Payment Card Industry Data Security Standard).

Will you be storing the card info, or simply passing it on to a third party service such as Authorize.net for processing/authorization?

Obviously you will need a valid SSL on the site collecting/transmitting the data. Beyond that, it depends what kinds of data you are planning on storing on your own servers.

And yes, you should definitely be able to get a developer account from your merchant provider which will allow you to start coding to their standards.

Best of luck,


Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.