So sprach »Alexander 'Digital Projects' Skwar« am 2001-07-26 um 18:48:15 +0200 :
> MySQL's builtin ENCRYPT() function is good enough. No need to worry
Uhm, is ENCRYPT decryptable?
Anyhow, I was rather thinking about ENCODE()/DECODE().
> PS: filter sql
Alexander Skwar
--
How to quote: http:
So sprach »William R. Mussatto« am 2001-07-25 um 23:01:49 -0700 :
> But what happens when the customer returns the product? You no longer
> have the cC to do a chargeback
Have him enter it again. Explain that this is done to increase the
security and he may be fine. If not - well he's already
database,sql,query,table
So sprach =BBPeter van Dijk=AB am 2001-07-25 um 23:59:48 +0200 :
> That is only true for a parallel cipher. A non-parallel cipher (like
Yep, that's why I said symetrical encryption. Asymetrical enc.'s work
like you explained.
Alexander Skwar
--
How to quote: http://
So sprach »Fletcher Sandbeck« am 2001-07-25 um 15:08:48 -0700 :
> I would counter that symmetric encryption is reasonably easy to
> implement and provides a modicum of security, so why not go ahead and
> do it. Just don't be fooled that a determined individual won't be
> able to defeat your encr
On Wednesday 25 July 2001 17:53, Elvis wrote:
> You can always degrade the credit card.
>
> 1) verify AUTH ONLY (not capture) with your CC provider. (if you want to
verify they have funds available and the CC is valid)
> 2) store the CC # in the database
> 3) ..do your order processing thing or
letcher Sandbeck <[EMAIL PROTECTED]>,
> mysql <[EMAIL PROTECTED]>
> Subject: Re: mysql and credit cards
>
> You can always degrade the credit card.
>
> 1) verify AUTH ONLY (not capture) with your CC provider. (if you want to verify they
>have funds available and
ated
> somewhere else, would allow you to 'transport' the tables containing the
> sensitive data (i.e. credit card info) with some sense of security...
>
> - Original Message -
> From: "Fletcher Sandbeck" <[EMAIL PROTECTED]>
> To: "mysql&quo
you to 'transport' the tables containing the
sensitive data (i.e. credit card info) with some sense of security...
- Original Message -
From: "Fletcher Sandbeck" <[EMAIL PROTECTED]>
To: "mysql" <[EMAIL PROTECTED]>
Sent: Wednesday, July
On 7/25/01 at 7:12 PM, Alexander Skwar wrote:
> However, if you need to reconstruct it, nothing is safe. And that's
> quite simple:
> a) You need to get access to the MySQL server. Impossible to do from
> the outside if '--skip-networking' is used.
> b) So, only possible from the localhost. Th
On Wed, Jul 25, 2001 at 07:12:17PM +0200, Alexander Skwar wrote:
[snip]
> 'encryption'? Hmm, how about: none? If you don't need to reconstruct
> the cc#, md5 will be good.
Indeed. That is however rarely the case with credit card numbers.
> However, if you need to reconstruct it, nothing is saf
So sprach »Alan Cox« am 2000-02-20 um 11:57:47 -0500 :
> Greetings: I was wondering if anyone has any ideas about the best way to
> store credit cards in a database ... and I'm not referring that much to the
> field type, but rather encrytption techniques.
'encryption'? Hmm, how about: none? If
atabase, in case someone gets their hands on a copy
of your DB or a 'dump').
I have attached my simple 'webdoc' on how to install "libmcrypt" for use
with Apache/PHP
- Original Message -
From: "Alan Cox" <[EMAIL PROTECTED]>
To: "mysql"
Greetings: I was wondering if anyone has any ideas about the best way to
store credit cards in a database ... and I'm not referring that much to the
field type, but rather encrytption techniques.
Thanks.
Alan Cox
[EMAIL PROTECTED]
---
13 matches
Mail list logo
