[plug] [OT] Storing Credit Card details...
Onno Benschop
onno at itmaze.com.au
Fri May 14 10:37:21 WST 2004
In order to store credit card number and expiry in a MySQL database,
I've come up with the following process, which uses the MySQL ENCODE()
and DECODE() functions.
Let me know if you see any holes in this process, but this is how I've
done it:
* Generate a key and return the md5 of it as a password
* Encrypt the two CC fields with the password
* Email the password to the client and to the user
Then for verification:
* Client logs in (SSL/.htaccess)
* Enters the password (actually needs to paste it)
* Decrypted record is retrieved
* Details displayed in light-blue - to hinder printing
AFAIK, details are not retrievable if the password is lost.
Each password is unique, so even if the DB was hacked and email
intercepted, only one record could be recovered.
Note, there is no access to gpg, this is a small client with an existing
cleartext storage. The client is responsible for deleting records. Only
an order number, product, price and surname are stored.
The emails are not encrypted, they contain order number and password.
They also contain user credentials and order cost and products.
This is not my ideal situation, but have I missed any points that would
make this process not as secure as I expect? (Namely, as good as
MySQL ENCODE() and a maximum of one record accessed if compromised.)
Onno Benschop
Connected via Optus B3 at S28°38'23" - E153°13'27" (Bishop's Creek, NSW)
--
()/)/)() ..ASCII for Onno..
|>>? ..EBCDIC for Onno..
--- -. -. --- ..Morse for Onno..
Proudly supported by Skipper Trucks, Highway1, Concept AV, Sony Central, Dalcon
ITmaze - ABN: 56 178 057 063 - ph: 04 1219 8888 - onno at itmaze dot com dot au
More information about the plug
mailing list