I'm sure this will spark a big security debate, but I'll throw in my two
cents.

The first thing you should rethink is if there is a way to NOT store those
CC numbers in your database. If that's the case, then storing them securely
is a moo point (moo... what cows think... unimportant). For example, if you're
sending the CC number to a merchant gateway like authnet, just send it when
the data comes in and don't store the CC numbers. It removes a tremendous
amount of liability from your company.

If that is impossible, encryption is your next best bet. There are a lot of
encryption tools out there. From what I remember, the Blowfish algorithm is
supposed to be very effective; search the net for cfx_blowfish. Regardless
of what you use to do the encryption, the more important problem is dealing
with the encryption key. As far as I know, all encryption utilities require a
key (a long string of text) to encrypt and decrypt the data. I would focus
your attention on securing that key.

For example, don't just put it in your code, because if someone can simply
read your code, they can obtain the key. This isn't terrible, but not great:

<cfset encryptionkey="abc123">

<cfx_blowfish mode="encrypt" input="#creditcard#"
output="encryptedcreditcard" key="#encryptionkey#">

The reason it's not great is that if someone simply gained access to reading
your code (bugs in IIS come to mind) then they would have access to the key.
If that was combined with the encrypted data string they could decrypt it.

The next thing you could do is store part of it in the database and part of
it in the code like this:

<cfquery name="querykey" datasource="dsn">

            Select key from keytable

</cfquery>

<cfset encryptionkey="abc123#querykey.key#">

<cfx_blowfish mode="encrypt" input="#creditcard#"
output="encryptedcreditcard" key="#encryptionkey#">

This is a little better because now if they read your code they wouldn't
immediately have access to the key. Of course the downside is that if they
could read the code it's not enough, they would also need to gain access to
the data table to get the encrypted value, therefore they would ultimately
have access to the "keytable" too. So you could go a little overboard like
this:

<cffile action="read" variable="filekey" file="c:\somefile.key">

<cfregistry action = "get" branch = "HKEY_LOCAL_MACHINE\Software\MyKey\"
entry = "SecretKey" type = "String" variable = "regkey">

<cfquery name="querykey" datasource="dsn">

            Select key from keytable

</cfquery>

<cfset encryptionkey="abc123#querykey.key##filekey##regkey#">

<cfx_blowfish mode="encrypt" input="#creditcard#"
output="encryptedcreditcard" key="#encryptionkey#">

And... encrypt the cfm template.

Now they would need access to the c: drive, the registry, the database, the
cfm file and a way to decrypt the cfm. This is not unbreakable by any means,
I can already think of a way around it. But it's easy to do and would show a
judge you took a series of steps to attempt to protect the data :-) If you
still want consulting help, give me a call.

Steve Nelson

843-367-8360

  _____  

From: Mickael [mailto:[EMAIL PROTECTED]
Sent: Friday, April 16, 2004 8:41 AM
To: CF-Talk
Subject: Online Payment Form

Hello,

I need to create an online payment form for one of my clients.  We will need
to store the credit cards in a MSSQL database encrypted then send the
encrypted info to another machine.

This form needs to be reviewed by the company issuing the merchant account
for security and stability.  I have never done this before.  Could someone
point me in the right direction: pitfalls, what to include, etc.?

I would also be open to sending off a couple of hours of consulting time via
PayPal to anyone off list that has a lot of experience and would be willing
to guide me through this.

Thanks

Mike
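
The split-key idea from the reply above, as an added example in Python (not code from the thread): the four components are length-framed and run through HKDF-SHA256 instead of being concatenated as strings, and a component that comes back empty is rejected. The function names, the context label and the sample component values are assumptions constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample components standing in for the four stores in the reply
# (constant in code, keytable row, key file, registry entry).
SAMPLE_PARTS = {
    "code": b"abc123",
    "database": b"db-part-constructed",
    "file": b"file-part-constructed",
    "registry": b"reg-part-constructed",
}
REQUIRED = ("code", "database", "file", "registry")


def _frame(parts):
    """Length-prefix each part so ("ab", "c") and ("a", "bc") never collide."""
    out = b""
    for name in REQUIRED:
        value = parts.get(name) or b""
        if not value:
            # Fail closed: a store that returned nothing must not silently
            # leave the key depending on fewer components.
            raise ValueError(f"missing key component: {name}")
        out += len(value).to_bytes(4, "big") + value
    return out


def derive_key(parts, context=b"card-encryption-v1", length=32):
    """HKDF-SHA256 (RFC 5869) over the framed components; returns key bytes."""
    # Extract step: all-zero salt of hash length, framed parts as input key material.
    prk = hmac.new(b"\x00" * 32, _frame(parts), hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        # Expand step: T(i) = HMAC(PRK, T(i-1) | context | i)
        block = hmac.new(prk, block + context + bytes([counter]),
                         hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def naive_key(parts):
    """Plain concatenation, as in the reply, kept for comparison."""
    return b"".join(parts[name] for name in REQUIRED)
```

With plain concatenation, moving a character from one store to the next produces the same key, and an empty read from one store goes unnoticed; the framed derivation changes the key in the first case and raises in the second.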
