We are using CIM to store user credit cards and are attempting to take our backend web server completely out of the process.
Is there any way for us to post credit card info directly from the client's web browser to CIM without our API Key and Transaction Key being potentially compromised in this way?
Again, our goal is to prevent our backend server from handling any sensitive credit card information, even if it is just passing that information off to CIM.
We just released a hosted CIM option that may help with what you're looking to do. Please check out the announcement here and see if this will work for what you're trying to accomplish.
Developer Community Manager