Not storing the credit card numbers at all would be the best option :-)
If you must, we've usually used crypt for one-way encryption, or
Crypt::BlowFish for stuff we need to be able to decrypt (look after your
key!).
On Thursday, June 14, 2001, at 09:54 pm, Tim Gardner wrote:
> When apache is serving a ssl connection, I assume that everything sent
> back and forth between the server and the client is encrypted. I want
> an mod_perl script to encrypt/decrypt credit card numbers obtained over
> the ssl connection for storage in a db on the server. Is there any
> access to the same routines that apache is using for the encryption or
> do I have to use some other module. If I have to use another module,
> what would be a good choice?
>
> Thanks,
> Tim
>