Re: Credit Card encryption

On May 30, 2010, at 10:50 AM, tedd <tedd.sperling@xxxxxxxxx> wrote:

At 12:43 PM +0200 5/30/10, Peter Lind wrote:
On 30 May 2010 07:49, Paul M Foster <paulf@xxxxxxxxxxxxxxxxx> wrote:
-snip-

Does anyone have a better solution?

I'm sorry if the following sounds a bit harsh, but in matters like
these I prefer blunt directness.

A few notes. 1) one-way encryption means "no decrypting" - that's what
one-way is (like a one-way street, there's no driving the other
direction). You're looking for encryption that can be decrypted, not
one-way encryption which is otherwise known as hashing. 2) do not
store credit card information. Just don't. It's downright stupid to do
so, because it's a huge risk for very little gain.  3) farm out risks
like these to companies that specialize in dealing with them - you
will with 100% certainty not be able to do as good a job as these.

The question to ask is not: how to store credit card information
securely? The question to ask is: do I really want to be the next
person in the internet spotlight because my setup turned out to have a
security hole I overlooked?

Paul:

Let me be equally blunt. Peter is absolutely right!

Do NOT have your client store customer credit card information on a server -- period! That's the stuff people go to jail over. Instead, use a credit card clearing house to do the heavy work, that's what they get paid for.

Besides, most credit card processing agencies even require that you use the customer's data (cc number, expiry date and CCS) to make the sale and then immediately dispose of it afterwards, usually within 24 hours under a signed agreement. Holding that information for more than 24 hours can be a criminal offense regardless of what type of hashing you use.

While many of my customers have made the argument that they keep hard-copy records of their customers' credit-card information in-house and they don't understand why they can't do the same online -- I reply that hard-copy kept in a safe behind "brick and mortar" is far more secure than digital data behind any "security" code open to the world. There isn't a security system out there that can't be hacked. If the client insists on keeping this information online, then find another client because at some time, someone is going to jail and it's not going to be me.

So, let the people who can keep up with technology (a continued effort and expense) worry about hackers -- just use their services and sleep at night.

Cheers,

tedd

--
-------
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


I work with some of the largest retailers in North America if not the world, and I can confirm that the security measures taken to enforce PCI compliance are not something lightly undertaken.

If those entities choose to store the cc#s then they do the following:

1. Store the encrypted values on servers that are NOT web facing

2. Use ridiculously long encryption keys ( well into the 1000s of characters)

3. They also create a representative value that exists outside the system that has to allow some basis of data mining.


Really as mentioned you don't want to do this. Especially if you have no control over the servers.

Bastien

Sent from my iPod
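The split Bastien describes above (encrypted card numbers held on a non-web-facing vault, with only a representative value left in the web application for reporting) as an added PHP example; it is not code from the thread, assumes PHP 7.2+ with the sodium extension, and uses a constructed test card number.

```php
<?php
// Added illustration, not from the thread. Two roles that must live on different hosts:
//  - PanVault: non-web-facing host holding the secretbox key and the encrypted PANs.
//  - web tier: keeps only an opaque random token plus a masked form (first 6 / last 4)
//    for reporting and reconciliation; it never holds the PAN or the key.
declare(strict_types=1);

final class PanVault
{
    /** @var array<string,string> token => nonce||ciphertext (stands in for the vault database) */
    private $rows = [];
    private $key;

    public function __construct(string $key)
    {
        if (strlen($key) !== SODIUM_CRYPTO_SECRETBOX_KEYBYTES) {
            throw new InvalidArgumentException('key must be ' . SODIUM_CRYPTO_SECRETBOX_KEYBYTES . ' bytes');
        }
        $this->key = $key;
    }

    /** Encrypt the PAN (XSalsa20-Poly1305) and return a token unrelated to the card number. */
    public function tokenize(string $pan): string
    {
        if (!preg_match('/^\d{12,19}$/', $pan)) {
            throw new InvalidArgumentException('PAN must be 12 to 19 digits');
        }
        $token = bin2hex(random_bytes(16));          // random: reveals nothing about the PAN
        $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
        $this->rows[$token] = $nonce . sodium_crypto_secretbox($pan, $nonce, $this->key);
        return $token;
    }

    /** Only the vault host can turn a token back into a PAN (e.g. to submit a charge). */
    public function detokenize(string $token): string
    {
        if (!isset($this->rows[$token])) {
            throw new RuntimeException('unknown token');
        }
        $nonce = substr($this->rows[$token], 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
        $ct    = substr($this->rows[$token], SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
        $pan   = sodium_crypto_secretbox_open($ct, $nonce, $this->key);
        if ($pan === false) {
            throw new RuntimeException('ciphertext failed authentication');
        }
        return $pan;
    }
}

/** The representative value the web tier may store: first six and last four digits only. */
function maskedPan(string $pan): string
{
    return substr($pan, 0, 6) . str_repeat('*', strlen($pan) - 10) . substr($pan, -4);
}

// Constructed demo values. In practice the key is generated and kept on the vault host only.
$vault  = new PanVault(sodium_crypto_secretbox_keygen());
$token  = $vault->tokenize('4111111111111111');              // constructed test number
$webRow = ['token' => $token, 'masked' => maskedPan('4111111111111111')]; // all the web tier keeps
```

The web tier's row carries the token and `411111******1111`; a compromise of that host yields nothing that reconstructs the card number without also reaching the vault and its key.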

