Re: Credit card storing, for processing

Hi Richard,

Thanks for the info. With regard to the setup it will be something more
or less like this:

I want to generate my own keypair. The private key I keep secure, offline,
on the machine that does the admin (charging, refunds etc). The public
key is used on the server to encrypt card details the minute they arrive
on the server (even using SSL, the data will arrive unencrypted because
the web server decrypts it).

Encrypted card details are written to file, and moved off the server
overnight by a cron job.

On the admin machine, offline, the details get decrypted when needed
to perform transactions, using the private key.

The admin box is on ADSL, but behind a firewall with no services or ports
open to the internet. I.e. it can initiate a connection to the server on
the internet, but not the other way around.

Does this setup sound secure enough and a solution that can work? 
What kind of encryption should I be using?

Point out any areas where you think I might be missing something or
going wrong.

Thanks in advance.
Angelo



>>> "Richard Lynch" <ceo@xxxxxxxxx> 01/31/05 8:37 PM >>>
Angelo Zanetti wrote:
> this might be slightly OT but I know that the list has quite a
> knowledgeable crowd =) So here is my situation:
>
> I have a client who I have developed a site for in PHP. It provides
> various models for shares forecasts. The way it works is that people
> register for free (with their credit card details, https); now if they
> are not satisfied after a month they must just unsubscribe. If they
> have not unsubscribed after the first month they become a customer and
> each month their credit card is charged the relevant amount depending
> on what they have subscribed for.
>
> Now the complication is as follows: I know that storing clients'
> credit card details online is a big NO-NO, so we would have to move the
> credit card details offline when they register. I'm not sure how to go
> about this. Whether to save the details in text files somewhere else
> on the server or save to text files not on the server but another
> location.
>
> Can anyone recommend/advise the best way to do this, also what type of
> encryption should I be using for the credit card info?

The SIMPLEST way to do this is to charge their credit card with a
recurring charge when they sign up, and then just THROW AWAY their credit
card number.

Your credit card processing vendor then has to remember their credit card
number, not you.

You'll get a one-time transaction identification from the credit card
server that you can use to manage their account -- You can then use THAT
one-time transaction number to cancel their account, issue refunds, etc.
without remembering their credit card number at all.

You MIGHT even be able to set this recurring charge to not start until a
month later, so you're all set.  Given the sheer number of sites and
services that have a free trial period, it's very very very likely that
the credit card vendors are already all set up to handle this for you.

If not, you can almost for sure set the recurring charge, then reverse out
the first month's transaction, leaving the rest intact, so they get their
free month.

You do *NOT* want to store their credit card info *ANYWHERE* at all,
period, if you can avoid it.

For sure, you do *NOT* store it in a text file on that server, and
probably not even in a text file on some other server.

If you absolutely MUST store their credit card info, re-post again,
explaining WHY, and you'll get some advice.

Be warned that that advice will probably involve buying more computer
hardware, and hours and hours of setup, as well as a physically secure
location, and an independent audit by a security expert, and ... Let's
just say "Lots of time and money".

Go read the credit card vendor's manual -- I'm willing to bet you can have
a solution in hours that doesn't involve you storing credit card numbers.

-- 
Like Music?
http://l-i-e.com/artists.htm 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php