On Jun 5, 2007, at 7:28 AM, Ron Johnson wrote:
On 06/05/07 08:59, Alvaro Herrera wrote:
Ron Johnson wrote:
On 06/04/07 17:54, Guy Rouillier wrote:
Many people consider two-way encryption to be insecure; two-way
encryption means you can decrypt a value if you know the key,
and it is insecure because you usually have to put the key into
the source code. That means at least one person in your company,
the programmer maintaining the source code, can learn all of
your users' passwords.
Two-way encryption is needed for companies that store customer
credit cards.
I thought that the advice for companies storing customer CCs was:
don't.
Sometimes you "must".
An example from my industry: transponder "toll tags" and toll
roads. The customer pre-pays a certain amount based on expected
usage, and every time he drives thru a plaza, his balance
decreases. Once it drops to a certain threshold, more money needs
to be added to the account.
If he is a CASH/CHEK customer, a light at the lane flashes yellow
and (depending on the Agency) a message pops up saying, "Balance
low", so he drives over to the customer service center, stands in
line and pays his cash.
If he is a CC customer, the system (which I am DBA of) bills his
card directly, saving the customer much time and effort.
Public key encryption can help here. Encrypt with the public key when
it goes into the database, keep the private key on a separate, well
protected system that's just used for recurring CC billing.
Cheers,
Steve
