On 06/05/07 08:59, Alvaro Herrera wrote:
> Ron Johnson wrote:
>> On 06/04/07 17:54, Guy Rouillier wrote:
>>> Many people consider two-way encryption to be insecure; two-way
>>> encryption means you can decrypt a value if you know the key, and it is
>>> insecure because you usually have to put the key into the source code.
>>> That means at least one person in your company, the programmer
>>> maintaining the source code, can learn all of your users' passwords.
>>
>> Two-way encryption is needed for companies that store customer
>> credit cards.
>
> I thought that the advice for companies storing customer CCs was: don't.

Sometimes you "must".

An example from my industry: transponder "toll tags" and toll roads.
The customer pre-pays a certain amount based on expected usage,
and every time he drives thru a plaza, his balance decreases. Once
it drops to a certain threshold, more money needs to be added to the
account.

If he is a CASH/CHEK customer, a light at the lane flashes yellow
and (depending on the Agency) a message pops up saying, "Balance
low", so he drives over to the customer service center, stands in
line and pays his cash.

If he is a CC customer, the system (which I am DBA of) bills his
card directly, saving the customer much time and effort.
--
Ron Johnson, Jr.
Jefferson LA USA
Give a man a fish, and he eats for a day.
Hit him with a fish, and he goes away for good!