Storing credit card numbers in cookies securely using cURL
First off, this goes against everything I know about PCI compliance.
I am working with Intuit's guest pay form. I get the form from Intuit's website with cURL, the form has some session ID's or something.
The form itself uses jQuery and as soon as it is submitted jQuery writes the credit card number to a cookie in your browser.
I need to replicate that with php to set the cookie with the credit card number and the use cURL to access Intuit's tolenizer URL.
I can only think of two things to make this secure,
1) make the cookie file name a long obscure non pronounceable name.
The site will be https.
Does anyone have any other ideas for security?