http://www.dslreports.com/forum/r18199898 en Thu, 10 Dec 2009 11:09:42 EDT Thu, 10 Dec 2009 11:09:42 EDT http://www.dslreports.com/forum/remark,18199898 Eek2121 : Okay, assuming this is true (I actually read about it yesterday) I have some questions for valve.

1) Why in the HELL is credit card information stored on the same system as the hosting for steam?
2) Why is financial information for valve stored on that same system?
3) Why aren't user logins restricted by host, etc.

When i design secure payment systems, credit card information is NEVER kept on a system serving web pages of any sort. It is also heavily encrypted and no incoming connections are allowed, save a 'safe list' of hosts via SSH on a non standard port. Further more, i never store credit card information unless i absolutely need to.]]> http://www.dslreports.com/forum/remark,18199898 Thu, 19 Apr 2007 15:18:01 EDT