On Sun, May 30, 2010 at 11:50 AM, tedd <tedd.sperling@xxxxxxxxx> wrote:

> At 12:43 PM +0200 5/30/10, Peter Lind wrote:
>
>> On 30 May 2010 07:49, Paul M Foster <paulf@xxxxxxxxxxxxxxxxx> wrote:
>>> -snip-
>>>
>>> Does anyone have a better solution?
>>
>> I'm sorry if the following sounds a bit harsh, but in matters like
>> these I prefer blunt directness.
>>
>> A few notes. 1) one-way encryption means "no decrypting" - that's what
>> one-way is (like a one-way street, there's no driving the other
>> direction). You're looking for encryption that can be decrypted, not
>> one-way encryption which is otherwise known as hashing. 2) do not
>> store credit card information. Just don't. It's downright stupid to do
>> so, because it's a huge risk for very little gain. 3) farm out risks
>> like these to companies that specialize in dealing with them - you
>> will with 100% certainty not be able to do as good a job as these.
>>
>> The question to ask is not: how to store credit card information
>> securely? The question to ask is: do I really want to be the next
>> person in the internet spotlight because my setup turned out to have a
>> security hole I overlooked?
>
> Paul:
>
> Let me be equally blunt. Peter is absolutely right!
>
> Do NOT have your client store customer credit card information on a server
> -- period! That's the stuff people go to jail over. Instead, use a credit
> card clearing house to do the heavy work, that's what they get paid for.
>
> Besides, most credit card processing agencies even require that you use the
> customer's data (cc number, expiry date and CCS) to make the sale and then
> immediately dispose of it afterwards, usually within 24 hours under a signed
> agreement. Holding that information for more than 24 hours can be a criminal
> offense regardless of what type of hashing you use.
>
> While many of my customers have made the argument that they keep hard-copy
> records of their customer's credit-card information in-house and they don't
> understand why they can't do the same online -- I reply that hard-copy kept
> in a safe behind "brick and mortar" is far more secure than digital data
> behind any "security" code open to the world. There isn't a security system
> out there that can't be hacked. If the client insists on keeping this
> information online, then find another client because at some time, someone
> is going to jail and it's not going to be me.
>
> So, let the people who can keep up with technology (a continued effort and
> expense) worry about hackers -- just use their services and sleep at night.
>
> Cheers,
>
> tedd

To add my two cents - if you plan to store card information, in the eyes of the Payment Card Industry you will have to be Tier One compliant.

How high are the standards? Visit hackerguardian.com and take the free test.

We *thought* it might be cool to store the CC info for a new enterprise, provide convenient "one-click" shopping, etc, so we ran through the questionnaire at that level. It would take more time to design, implement and test the security and audit systems than to write the app. Furthermore, since we were doing the new project in the cloud we could not meet the requirements for physical security.

So we settled for Tier4 - we take the information as part of the transaction, https to CC processor, get an "OK" or "Not OK" back, and no cardholder info stored on our server at all, apart from the transaction number.

Cheers - Miles Thompson

~~~~~~~~~~~~~~~~~~~~~~~~~~
"The piano keys are black and white,
But they sound like a million colours in your mind"
Spider's Web - Katie Melua
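
The pass-through flow described in the last message, as an added example that is not part of the original thread: card fields go to the processor, and only the approval flag and the transaction number are persisted. `fake_processor`, `checkout`, `scrub`, `OrderRecord` and the dict/list used as database and log are hypothetical names, and the card numbers are constructed test values.

```python
import re
from dataclasses import dataclass, asdict

# Matches 13-19 digit runs (optionally split by spaces or dashes).
PAN_LIKE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")

def scrub(text):
    """Mask anything shaped like a card number before it is logged."""
    return PAN_LIKE.sub("[card number removed]", text)

@dataclass(frozen=True)
class OrderRecord:
    """Everything the shop keeps about a payment."""
    order_id: str
    approved: bool
    transaction_number: str

def fake_processor(card_number, expiry, security_code, amount_cents):
    """Constructed stand-in for the processor's HTTPS API (hypothetical).
    Approves Luhn-valid numbers; its decline message echoes the number,
    the kind of reply that leaks card data into logs."""
    digits = [int(d) for d in reversed(card_number)]
    luhn = sum(digits[0::2]) + sum(sum(divmod(2 * d, 10)) for d in digits[1::2])
    ok = luhn % 10 == 0
    message = "approved" if ok else f"declined: card {card_number}"
    return {"ok": ok, "transaction_number": "TXN-000123", "message": message}

def checkout(order_id, form, amount_cents, processor, db, log):
    """Pass card fields straight to the processor; persist only the outcome."""
    reply = processor(form["card_number"], form["expiry"],
                      form["security_code"], amount_cents)
    record = OrderRecord(order_id, bool(reply["ok"]), reply["transaction_number"])
    db[order_id] = asdict(record)              # no cardholder fields in here
    log.append(scrub(f"order {order_id}: {reply['message']}"))
    return record

if __name__ == "__main__":
    db, log = {}, []
    form = {"card_number": "4111111111111112",   # constructed, fails Luhn
            "expiry": "12/30", "security_code": "123"}
    print(checkout("A-1", form, 1999, fake_processor, db, log))
    print(db, log)
```

The log scrubber is a second line of defence for free-text fields such as processor error messages; the primary control is that `checkout` never writes the form fields anywhere.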