[plug] [OT] Storing Credit Card details...

Onno Benschop onno at itmaze.com.au
Fri May 14 10:37:21 WST 2004


In order to store credit card number and expiry in a MySQL database, 
I've come up with the following process, which uses the MySQL ENCODE()
and DECODE() functions.

Let me know if you see any holes in this process, but this is how I've
done it:
      * Generate a key and return the md5 of it as a password
      * Encrypt the two CC fields with the password
      * Email the password to the client and to the user

Then for verification:
      * Client logs in (SSL/.htaccess)
      * Enters the password (actually needs to paste it)
      * Decrypted record is retrieved
      * Details displayed in light-blue - to hinder printing

AFAIK, details are not retrievable if the password is lost.

Each password is unique, so even if the DB was hacked and email
intercepted, only one record could be recovered.

Note, there is no access to gpg, this is a small client with an existing
cleartext storage. The client is responsible for deleting records. Only
an order number, product, price and surname are stored.

The emails are not encrypted, they contain order number and password. 
They also contain user credentials and order cost and products.

This is not my ideal situation, but have I missed any points that would
make this process not as secure as I expect? (Namely, as good as
MySQL ENCODE() and a maximum of one record accessed if compromised.)


Onno Benschop 

Connected via Optus B3 at S28°38'23" - E153°13'27" (Bishop's Creek, NSW)
-- 
()/)/)()        ..ASCII for Onno.. 
|>>?            ..EBCDIC for Onno.. 
--- -. -. ---   ..Morse for Onno.. 

Proudly supported by Skipper Trucks, Highway1, Concept AV, Sony Central, Dalcon
ITmaze - ABN: 56 178 057 063 - ph: 04 1219 8888 - onno at itmaze dot com dot au




More information about the plug mailing list