I would agree: storing credit card numbers in a database such that they can
be used by an automated system (without manual intervention) is a serious
risk. Unless you are operating an EXTREMELY secure server with good
firewalls and the bare minimum of shell access, I would have second thoughts.

I (in the UK) use a third party payment provider operating between my secure
site and the merchant. Credit card details are securely passed to the
provider, who then processes the payment, purely returning a "yes" or "no" for
the transaction and, if successful, a long transaction reference string. If I
need to repeat the payment or reverse it I simply send this reference string
(and if required a new expiry date) back to the provider. Therefore I store
no card details whatsoever and don't have sleepless nights. In addition the
provider, at no extra charge, provides automated repeat payments. A payment
of £20 per month for example for 6 months could be requested. A single
transaction is sent to the provider and they then (without my intervention)
automatically take the other 5 payments. This level of functionality for a
commission (from 1.5% or lower) I consider to be extremely good value.

If you want details of this provider contact me offlist ... (not using this
list for adverts !!!).

Regards,

Phil Ellett,

www.e-payment.co.uk
Sheffield.
UK.
----- Original Message -----
From: "Hack Hawk" <[EMAIL PROTECTED]>
To: "David Gerler" <[EMAIL PROTECTED]>; "Mysql"
<[EMAIL PROTECTED]>
Sent: Sunday, October 06, 2002 7:57 PM
Subject: Re: protecting CC numbers


> At 11:21 AM 10/06/2002, David Gerler wrote:
> >Hi,
> >Can someone give me an overview
> >of protecting the numbers with mysql and SSL? Will the SSL protect the
> >numbers when they are stored on the site? Or just when they are
> >transmitted? Should I use something like PGP to encrypt the numbers
> >before storing?
>
> Sounds like you've answered your own questions.  :)
>
> SSL = Secure Socket Layer.
> Socket in the sense of a network socket/connection.  SSL will NOT ensure
> protection/encryption of the information once you have it on the server.
>
> I've used PGP Command line encryption in the past to do the types of things
> you're talking about here.  However, if you're a programmer or have access
> to one, you may want to look into using http://www.openssl.org/ to encrypt
> the numbers before they go into the database.
>
> You need to be extremely careful in doing what you're proposing above.  If
> you AUTOMATE some sort of process of charging the cards, then you're likely
> talking about storing the routines and passwords to retrieve and decrypt
> the CC numbers automatically.  This implies hard-coding a private key and
> password somewhere on your system.  This type of system (IMO) should NEVER
> be connected to the Internet.  At the very least I'd recommend having a
> separate off-line system where your credit card numbers are archived to,
> and where that system dials up the bank network to perform the monthly
> charges.
>
> NEVER under any circumstances should you "permanently" store CC's (even
> encrypted) on systems that are connected to the Internet.  I say 2 to 3
> days max before archiving them off-line (off-Internet).  This minimizes the
> risk if a hacker should happen to break in.
>
> - hawk
>
>
> ---------------------------------------------------------------------
> Before posting, please check:
>    http://www.mysql.com/manual.php   (the manual)
>    http://lists.mysql.com/           (the list archive)
>
> To request this thread, e-mail <[EMAIL PROTECTED]>
> To unsubscribe, e-mail <[EMAIL PROTECTED]>
> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
>
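The pattern Phil describes (hand the card details to the provider once, keep only the returned reference, repeat or reverse with that reference) and Hawk's point that SSL says nothing about what sits in the database, worked through as an added example. This is not code from either poster and not any real provider's API: `StandInProvider` is a hypothetical stand-in for the (unnamed) third-party provider, `payments` is an assumed merchant-side table, the card number is a constructed test value, and sqlite3 is used in place of MySQL so the block runs stand-alone. The last function scans a full dump of the merchant database for anything that looks like a card number, which is the check you would actually run against a real database before trusting the design.

```python
"""Keep a provider reference, never the card number (added example)."""
import re
import secrets
import sqlite3
import string


def luhn_valid(pan: str) -> bool:
    """Luhn check digit test: validates input and cuts scanner false positives."""
    digits = [int(c) for c in pan if c.isdigit()]
    if len(digits) < 13:
        return False
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:            # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def mask_pan(pan: str) -> str:
    """Only the last four digits survive for receipts and customer display."""
    digits = re.sub(r"\D", "", pan)
    return "*" * (len(digits) - 4) + digits[-4:]


class StandInProvider:
    """Hypothetical stand-in for the third-party provider (assumption, not a real API).
    The card details enter once and an opaque reference comes back; the card
    stays in the provider's vault, never on the merchant's server."""

    def __init__(self):
        self._vault = {}

    def authorise(self, pan, expiry):
        if not luhn_valid(pan):
            return False, None
        # letters only, so a reference can never be mistaken for a card number
        ref = "TXN-" + "".join(secrets.choice(string.ascii_uppercase) for _ in range(20))
        self._vault[ref] = (pan, expiry)
        return True, ref

    def repeat(self, ref, new_expiry=None):
        if ref not in self._vault:
            return False
        pan, expiry = self._vault[ref]
        self._vault[ref] = (pan, new_expiry or expiry)
        return True


SCHEMA = """
CREATE TABLE payments (
    id INTEGER PRIMARY KEY,
    customer TEXT NOT NULL,
    provider_ref TEXT NOT NULL,     -- the only thing needed to repeat or reverse
    pan_masked TEXT NOT NULL,       -- last four digits, for display only
    expiry TEXT NOT NULL,
    amount_pence INTEGER NOT NULL
);
"""


def new_store():
    """In-memory sqlite3 database standing in for the MySQL merchant database."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def take_payment(conn, provider, customer, pan, expiry, amount_pence):
    """The full card number passes through this function and is never written down."""
    ok, ref = provider.authorise(pan, expiry)
    if not ok:
        return None
    conn.execute(
        "INSERT INTO payments (customer, provider_ref, pan_masked, expiry, amount_pence) "
        "VALUES (?, ?, ?, ?, ?)",
        (customer, ref, mask_pan(pan), expiry, amount_pence),
    )
    conn.commit()
    return ref


def repeat_payment(conn, provider, ref, new_expiry=None):
    """Monthly repeat: the merchant sends the reference (and optionally a new expiry) back."""
    row = conn.execute("SELECT 1 FROM payments WHERE provider_ref = ?", (ref,)).fetchone()
    if row is None:
        return False
    return provider.repeat(ref, new_expiry)


# 13 to 19 digits, optionally separated by spaces or dashes, not embedded in a longer run
PAN_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")


def scan_for_pans(text):
    """Digit runs that pass Luhn: run this over a database dump before going live."""
    return [m.group(0) for m in PAN_RE.finditer(text) if luhn_valid(m.group(0))]


def pans_in_database(conn):
    """Dump every table and scan it; an empty list means no card number is stored."""
    return scan_for_pans("\n".join(conn.iterdump()))


if __name__ == "__main__":
    db, prov = new_store(), StandInProvider()
    ref = take_payment(db, prov, "alice", "4111 1111 1111 1111", "12/04", 2000)  # constructed test card
    print("reference kept:", ref, "| repeat ok:", repeat_payment(db, prov, ref))
    print("card numbers found in dump:", pans_in_database(db))
```

The scanner deliberately keys on Luhn rather than on column names, so it also catches a card number that leaked into a free-text notes column or a log table; that is the same check that would have flagged the "permanent" storage Hawk warns about.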


