I'm trying to find the best way to uniquely identify customers before they make a purchase to ensure a coupon code isn't used twice by the same person. I do not intend to make my website full PCI compliant since I'm not planning on storing Credit Card numbers (only does POST.) I want to generate a SHA 256 (one way encryption) of the first name concatenated with the last name and the credit card number and store this into my database. Would this require PCI-compliance, although it is a one way encryption? What about using the first name + last name + last 4 digits of the credit card, would it still require full PCI compliance?
Thanks,