Just a note on encrypting. I know of a company getting ready to release a
strong encryption tag that will use 128bit ryndahl encryption algorithm.
look at www.cfxworks.com for more info. Actually there site is still under
construction, but will be ready soon. It should be released very soon and it
is rock solid from our testing... You can forward any questions to me...
Thanks,
Robert
----- Original Message -----
From: "Matt Wisdom" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Wednesday, January 17, 2001 10:47 AM
Subject: Storing/Encrypting Credit Cards
> We need to store credit cards in a certain situation. I realize that this
is
> recommended against.
>
> That being said, I have searched through the archives, and I haven't found
> any solutions that are great. The best I found was to use a solid ( or
> "pretty good" ;-) encryption for the credit card numbers in the database,
> and then force the hacker to figure out how CF is unencrypting the
numbers.
> The other suggestions were ways to further obfuscate this process, but
none
> were "100%" solutions.
>
> An alternate solution I am considering is to store part of the credit card
> in our database, and part in a user cookie, both encrypted of course. We
> already have a cookie requirement in the case where we need to store
credit
> cards, so that is not a problem. Also, I don't think that the users will
> mind only being able to access their credit cards from the machine from
> which they were saved.
>
> Is anybody utilizing this method?
>
> Matt
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists