daniel@xxxxxxxxxxxxxxxx wrote:
>> Amazon store Credit Card Number in their databases. Are we saying that
>> someone could hack into their database server and steal the numbers?
YES!
Wasn't PayPal widely publicized as a victim of such an event?
Why would you think Amazon would be any better/safer?
No system is unbeatable.
So somebody *could* break in.
You can be damn sure they work really hard to avoid that.
>> Or
>> have Amazon gone far enough to protect their data?
How far is "far enough"?
> I supose they use a similar tactic as i have, and have a two way
> encryption
> method.
I suppose they do a LOT more than that.
They might, just as an example, have a network setup like this:
Seg 1 Seg 2 Seg 3
Internet <---> Public Servers <---> CC Processing Servers <---> CC Storage
Servers
Where Seg 1 and Seg 2 and Seg 3 are all on:
Completely different sub-networks
Completely different network cards
Completely different routers, hubs, switches
Completely different color-coded network cables
.
.
.
And, of course, they use two-way encryption of the data that *IS* on the
CC Servers, so while the secret decoder ring is on the CC Processing
Server, you'd have to break into CC Processing, get the ring, break into
CC Storage, and then apply the ring from CC Processing to the data in CC
Storage. Is this starting to sound like an Adventure Game or what?
They then severely restrict the source code and network access that can
work with Seg 3, with an EXTREMELY limited API, internal documented,
security audited, clean-room access, armed guards on all hardware setup,
etc
Instead of breaking into CC Storage with your secret decoder ring from CC
Processing, you can maybe find a flaw in the API of Seg 3, and sniff out
encrypted data to apply the ring, or even catch it after they decrypted
it.
The point is, you have to work much harder at it because of the segmented
architecture.
By adding an additional layer between the CC Processing and the CC
Storage, they reduce risk significantly.
All the CC machines (Processing and Storage) are in the armed guard locked
storage room for physical access to be severely curtailed. Duh.
But the CC Storage machines have an additional layer of software/network
blocks with severely limited software/network access to the CC Storage
area.
I'm not claiming they *DO* have this, but I'll bet whatever they do have,
it's at least that complicated, if not more so.
Or, even more likely, Amazon doesn't store the number! They let the BANK
that provides their CC processing services store the numbers. So then the
BANK has this kind of setup. Whatever.
This is just a description of what was explained to me on this very same
list several years ago as *ONE* industry-standard way to store CC Numbers
for later retrieval.
I'm not an expert, and may easily have left out some (okay a lot) of
crucial details.
If you're storing CC Numbers with *JUST* the 2-way encryption, maybe
you're doing it wrong. I dunno for sure, but *I* think so. Go hire a
professional security audit and find out.
YMMV IANAL NAIAA
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
