If people ended up buying things from me, the standard practice was for them to read out their credit card details so I could purchase things for them, in their name.
This is why I find it strange that the idea of sending CC information over a dialup phone line was seen as unacceptable.
Simple, new technology is scary, no matter how "safe" it actually is in reality (or not).
Douglas Adams:
> 1. Anything that is in the world when you’re born is normal and ordinary and is just a natural part of the way the world works.
> 2. Anything that’s invented between when you’re fifteen and thirty-five is new and exciting and revolutionary and you can probably get a career in it.
> 3. Anything invented after you’re thirty-five is against the natural order of things.
Of course, you can probably sit there with a nice microphone and record the front desk to hear those calls.
Unfortunately there is no real way to do properly secure telephone payments, stuff like PCIPal just moves the payment information from the caller speaking it out and it being entered into whatever payment gateway the call agent is using to doing it automatically via DTMF but its all transmitted the same way.
You just need to hope the call centre you are phoning into is setup in a way that the agents can't exfiltrate that payment info (No phones, no paper, no access to anything they shouldnt have access to)
