On Wednesday 25 July 2001 17:53, Elvis wrote:
You can always degrade the credit card.
1) verify AUTH ONLY (not capture) with your CC provider. (if you want to
verify they have funds available and the CC is valid)
2) store the CC # in the database
3) ..do your order processing thing or
So sprach »Fletcher Sandbeck« am 2001-07-25 um 15:08:48 -0700 :
I would counter that symmetric encryption is reasonably easy to
implement and provides a modicum of security, so why not go ahead and
do it. Just don't be fooled that a determined individual won't be
able to defeat your
database,sql,query,table
So sprach =BBPeter van Dijk=AB am 2001-07-25 um 23:59:48 +0200 :
That is only true for a parallel cipher. A non-parallel cipher (like
Yep, that's why I said symetrical encryption. Asymetrical enc.'s work
like you explained.
Alexander Skwar
--
How to quote:
So sprach »William R. Mussatto« am 2001-07-25 um 23:01:49 -0700 :
But what happens when the customer returns the product? You no longer
have the cC to do a chargeback
Have him enter it again. Explain that this is done to increase the
security and he may be fine. If not - well he's already
So sprach »Alexander 'Digital Projects' Skwar« am 2001-07-26 um 18:48:15 +0200 :
MySQL's builtin ENCRYPT() function is good enough. No need to worry
Uhm, is ENCRYPT decryptable?
Anyhow, I was rather thinking about ENCODE()/DECODE().
PS: filter sql
Alexander Skwar
--
How to quote:
Greetings: I was wondering if anyone has any ideas about the best way to
store credit cards in a database ... and I'm not referring that much to the
field type, but rather encrytption techniques.
Thanks.
Alan Cox
[EMAIL PROTECTED]
attached my simple 'webdoc' on how to install libmcrypt for use
with Apache/PHP
- Original Message -
From: Alan Cox [EMAIL PROTECTED]
To: mysql [EMAIL PROTECTED]
Sent: Sunday, February 20, 2000 9:57 AM
Subject: mysql and credit cards
Greetings: I was wondering if anyone has any ideas about
So sprach »Alan Cox« am 2000-02-20 um 11:57:47 -0500 :
Greetings: I was wondering if anyone has any ideas about the best way to
store credit cards in a database ... and I'm not referring that much to the
field type, but rather encrytption techniques.
'encryption'? Hmm, how about: none? If
On Wed, Jul 25, 2001 at 07:12:17PM +0200, Alexander Skwar wrote:
[snip]
'encryption'? Hmm, how about: none? If you don't need to reconstruct
the cc#, md5 will be good.
Indeed. That is however rarely the case with credit card numbers.
However, if you need to reconstruct it, nothing is safe.
On 7/25/01 at 7:12 PM, Alexander Skwar wrote:
However, if you need to reconstruct it, nothing is safe. And that's
quite simple:
a) You need to get access to the MySQL server. Impossible to do from
the outside if '--skip-networking' is used.
b) So, only possible from the localhost. This
(i.e. credit card info) with some sense of security...
- Original Message -
From: Fletcher Sandbeck [EMAIL PROTECTED]
To: mysql [EMAIL PROTECTED]
Sent: Wednesday, July 25, 2001 3:08 PM
Subject: Re: mysql and credit cards
On 7/25/01 at 7:12 PM, Alexander Skwar wrote:
However, if you
the
sensitive data (i.e. credit card info) with some sense of security...
- Original Message -
From: Fletcher Sandbeck [EMAIL PROTECTED]
To: mysql [EMAIL PROTECTED]
Sent: Wednesday, July 25, 2001 3:08 PM
Subject: Re: mysql and credit cards
On 7/25/01 at 7:12 PM, Alexander Skwar wrote
],
mysql [EMAIL PROTECTED]
Subject: Re: mysql and credit cards
You can always degrade the credit card.
1) verify AUTH ONLY (not capture) with your CC provider. (if you want to verify they
have funds available and the CC is valid)
2) store the CC # in the database
3) ..do your order
13 matches
Mail list logo