Hello everyone,

Do any of you use modernbill and store the credit cards on the server?

Question 1: Do you think even a server being totally secure, is fairly safe to store encrypted credit cards?

Question 2: are you ever worried someone might break in and figure out way to decrypt it?

Question 3: what do you think is the minimum character amount someone should have as their encrypted code?

I would love to hear people's inputs.

MB recommends that one not store CC#'s.

If you do, be sure to encrypt using secure password. That is all I can say.

My webhosting company uses modernbill to encrypt the credit cards. We suggest an encryption key of about 8 characters atleast. We have had no problems with doing it this way and find it to be a very nice way to handle things.

Credit Cards should not be stored on the server. This is what I would do:

Have it encrypt it with a 12 character encryption key upon sign-up.

As soon as you notice of the new signup, CC#, etc. - take the information down to your local machine, and delete off of the database.

Do not store it physically unless you have a lock box, safe, etc. I keep my passwords in a zipped .txt that is password protected.

Regardless of the well meaning advice being given here, there are extremely rigid requirements concerning the storing of credit card information. Please review Visa's CISP (http://usa.visa.com/business/merchants/cisp_index.html?ep=v_sym_cisp) policy ( Cardholder Information Security Program). If these requirements are not met you could be liable for any and all credit card fraud that may occur with any of the cards you store.

Hardly worth the hardware required, or the investment it would take to maintain conformance with CISP regulations...

The CISP Requirements

An easy to remember list of 12 basic security requirements with which all Visa payment system constituents need to comply

-Install and maintain a working firewall to protect data
-Keep security patches up-to-date
-Protect stored data
-Encrypt data sent across public networks
-Use and regularly update anti-virus software
-Restrict access by "need to know"
-Assign unique ID to each person with computer access
-Don't use vendor-supplied defaults for passwords and security parameters
-Track all access to data by unique ID
-Regularly test security systems and processes
-Implement and maintain an information security policy
-Restrict physical access to data


Dont you do all this already? I think its not that difficult to do.

If these requirements are not met you could be liable for any and all credit card fraud that may occur with any of the cards you store.

Arent you liable even if you follow these guidelines? These guidelines should be considered OBVIOUS and bare minimum to get by.


Question 1: Do you think even a server being totally secure, is fairly safe to store encrypted credit cards?

Rule #1: A internet-connected server cannot be made totally secure. You have to assume that someone can and MIGHT be able to root-compromise the server, no matter how unlikely it may seem.

Question 2: are you ever worried someone might break in and figure out way to decrypt it?

See rule#1 :)

I would argue that even IF someone obtained root, they should NOT be able to decrypt the sensitive information. I believe that with proper application of PKI security this is entirely possible.

Question 3: what do you think is the minimum character amount someone should have as their encrypted code?

2048 bit would work ok. Read this:

http://www.eco.utexas.edu/faculty/Norman/BUS.FOR/course.mat/SSim/key.html

An interesting excerpt:
RSA recommends that 512-bit keys do not currently provide sufficient security, and should be discontinued in favor of 768-bit keys for personal use, 1024 bits for corporate use, and 2048 bits for extremely valuable keys like the key pair of a certifying authority

I would think that if 2048 bit is enough for Verisign it should be enough for you to store your credit cards with.

As soon as you notice of the new signup, CC#, etc. - take the information down to your local machine, and delete off of the database.

Good idea in thought. What about in practice?

Presumably then, you are storing the info elsewhere. On paper? On your windows box at home? Either of those choices are CONSIDERABLY worse than properly encrypted in a database online.

I keep my passwords in a zipped .txt that is password protected

Email me your .zip file and I will email you back your passwords in plaintext.

My webhosting company uses modernbill to encrypt the credit cards

MB does not store credit cards safely in a recurring-billing scenario at least as of the last time I reviewed the software for purchase.

.MB recommends that one not store CC#'s.

Here is why:

Recurring billing is done via Cron. How would the server decrypt the credit card numbers? You guessed it - the key is KEPT ON THE SERVER.

Might as well store your numbers in plain text - a hacker with any level of aptitude will simply find the key and extract the data. It fails my proposal that even if root is compromised the date must be kept safe.

Well i agree with you innova
No sensitive data should be open for public, the data should be offline, you are wrong about that, offline data is at least 99% safer, people should not have data on servers not even that are lan connected, but offline data is still the safest place.
1. Dont just store you data on a local pc, local pc could have internet access or lan access or even person access.
Store it on a CD or DVD or ZIP or external harddisk.
On the CD or where ever its stored encrypt the Data, not with ZIP of course, its very easy to crack zip files, encrypt it with tools for heavy use like PGP, use the International version not the US version, ¿why?
The US version has a limited encoding files because the Goverment cannot even crack so easy if you use the full encription mode. So use the International one, i think its even illegal to use the International one if you live in the US.

2. Dont leave the cd near the pc, store it on a lock if you want to be safe, and the Unlocking code should be a on PC that also doesnt have lan or internet connection. Use a Fingerprint device, so only the person allowed can access the PC. The device are not expensive they cost like 60$.

So now we have 2 possible escenarios for cracking the data.
1. You must be a very good hacker.
2. You must be a very good deaf.

Even if you get the CD with the data, after breaking inside the Office and cracking the alarm, and even open the safe box, you must be a very good hacker to crack the info. Most crackers are just crackers not people that will actually put a gun in your head, so you would need 2 persons to actually get the data. Of course nothing its 100% safe in life but i can assure you not even yahoo makes so restrictions. Also You could even have one cd with the data, and the other one with key to decrypt the data. So yes all this is more safer that encrypt on your server. Of course its not practical if you have to use the data all time, but that is another story. The more safer the more hard it is and anti commercial to use the data, since you cannot use it when ever you want.
As for modernbill just a question, if you actually dont store the cards on the server how will Modernbill process recurring payments???
Its safe but if it cant process recurring payment you actually bought an automation software wich you cant use since its not automatic.

It is a very valid point about ModernBill storing the key on the server - if the server is compromised, it would likely be one of the first things that the hacker targets.

In addition, keep in mind that with most data centers - your servers are openly accessible to any one in the data center without any kind of ID-tracking or logging unless you have your own private cage or space in a data center.

One of the CISP requirements addresses the physical security and accessibility of all servers used so this is definitely something to keep in mind... all of the best security on a box can be easily rendered useless to someone with physical console access.

Pardon me for being completely ignorant, but how does recurring billing with modernauthorize work?

Where is the credit card info stored to perform the recurring transactions?

Well that is a good question, if the card is not stored i think, im not sure, modernbill cant do recurring billing,
As for 3 parties like 2checkout they said they would support recurring billing on the next release estimaded August, but i think the card would be have to be stored if not how would this work, i dont have modernbill, i had it sometime ago, so if someone can explain please.

The ModernBill software stores the credit card data on the merchant's server. It is encrypted, of course, but it is still present there on the server.

If the user has billing setup as an automated cron, it is also necessary to have the key present on the server as well unless something has changed recently.