PCI Compliance is scary business and I don't have the time to manage someone's server.
My client needs to be able to pass a Credit Card to a 3rd party over the phone, the problem
is storing it on-site is illegal without PCI compliance.
Can I encrypt and store 1/2 of the Credit Card number, and email the other 1/2 to a Gmail account?
Would this be considered shady practice? Is it even legal?