3

I'm designing a site using ASP.NET and I would like the content to be subscription based. For the most part, everything will be charged to a credit card every month. I know I can store the CC in the database but is there another more secure solution to this?

This isn't a giant project so I need some solution that's simple, quick, secure, and reliable that one developer can do.

John Conde
danmine

4 Answers

4

Most likely it depends on your payment gateway and/or merchant account setup. Some payment gateways like Authorize.net will handle the recurring billing for you.

Mcbeev
3

Use a payment processor that will handle credit card recurring charges. Most big processors will do this for you, and store the credit card information.

-Adam

Adam Davis
  • +1 because it's sensible. There are too many rules and regulations for data storage when talking about CC numbers. Let someone else handle it for you because you'll need a full time person to manage the security aspects alone otherwise. – Adam Hawes Mar 27 '09 at 04:33
1

Is it an option to NOT store the credit card data?

See this if you need some encouragement: PCI DSS Compliance

Scott Ferguson
  • I really don't want to store the data. PCI looks a bit - complex. – danmine Mar 27 '09 at 04:22
  • Good idea... trying to come up with a secure solution for storing credit cards can be a full time job. Unless it's your core business, I'd outsource it. :) – Scott Ferguson Mar 29 '09 at 23:35
0

If you store credit card information then you must be PCI compliant. Some payment gateways like Authorize.net will handle recurring billing for you but will only charge the credit card and that is it. If a credit card fails after that due to expiration, you will never know, your customer will never know, and you will lose that customer.

There are services out there that will charge your customer's credit card every month, automate the process if a credit card fails, automate emails to your customers, take care of the PCI compliance so you don't have to deal with it, and more. One of these services is Chargify. That way you don't have to store CC information and your customers will be billed correctly.

Jake C
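
Added example, not part of any answer above and not any gateway's own API: what the site's database can hold when the processor stores the card, plus a check for the silent expiration failure the last answer describes. The `Subscription` record, the `GatewayProfileToken` field and the sample rows are assumptions; it presumes the processor hands back an opaque token, the last four digits and the expiry month.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// What the site stores per subscriber: no card number and no CVV.
// GatewayProfileToken is a hypothetical opaque reference issued by the
// processor; it is useless to anyone without the merchant's gateway credentials.
public sealed record Subscription(
    int CustomerId,
    string Email,
    string GatewayProfileToken,
    string CardLast4,        // display only, e.g. "card ending 4242"
    int ExpiryYear,
    int ExpiryMonth,
    DateTime NextChargeUtc);

public static class ExpiryMonitor
{
    // A card is normally usable through the last day of its expiry month,
    // so it lapses at the first instant of the following month.
    public static DateTime LapsesAtUtc(Subscription s) =>
        new DateTime(s.ExpiryYear, s.ExpiryMonth, 1, 0, 0, 0, DateTimeKind.Utc)
            .AddMonths(1);

    // Subscriptions whose next scheduled charge falls on or after the lapse.
    // These are the customers to email before the gateway declines the charge.
    public static IReadOnlyList<Subscription> NeedingCardUpdate(
        IEnumerable<Subscription> subscriptions) =>
        subscriptions
            .Where(s => s.NextChargeUtc >= LapsesAtUtc(s))
            .OrderBy(s => s.NextChargeUtc)
            .ToList();
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample rows; tokens and addresses are made up.
        var nextCharge = new DateTime(2009, 5, 1, 0, 0, 0, DateTimeKind.Utc);
        var subscriptions = new[]
        {
            new Subscription(1, "a@example.com", "tok_constructed_1", "4242", 2009, 4, nextCharge),
            new Subscription(2, "b@example.com", "tok_constructed_2", "1111", 2010, 12, nextCharge),
        };

        foreach (var s in ExpiryMonitor.NeedingCardUpdate(subscriptions))
            Console.WriteLine($"Customer {s.CustomerId} ({s.Email}): card ending {s.CardLast4} lapses before the {s.NextChargeUtc:yyyy-MM-dd} charge");
    }
}
```

Run daily from a scheduled job, this flags only customer 1 in the sample data, whose card expires in April 2009 ahead of the 1 May charge.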