We are using CIM to store user credit cards and are attempting to take our backend web server completely out of the process.
When a user fills out a credit card form on our website, we would like to post the form directly to the Authorize.NET CIM API. The problem is that the API requires that we also send our API Key and Transaction Key, so this information would need to be embedded somewhere in the HTML or Javascript on our web page.
Is there any way for us to post credit card info directly from the client's web browser to CIM without our API Key and Transaction Key being potentially compromised in this way?
Again, our goal is to prevent our backend server from handling any sensitive credit card information, even if it is just passing that information off to CIM.
