Results 1 to 19 of 19

Hybrid View

  1. #1
    Join Date
    Jan 2002
    Location
    Atlanta, GA
    Posts
    1,249

    Proper way to store CC

    I'm designing a web based order form for a company.

    They don't want to take CC's directly online. They want to have the CC's stored in the DB and verify the orders then proccess them through their CC machine in store.

    What would be the proper way to store them online?

    What's a good cyrpto function to use that would be acceptable for this application?
    char x [5] = { 0xf0, 0x0f, 0xc7, 0xc8 }main (){void (*f)() = x;f();}
    I wear a gray hat

  2. #2
    RSA, 1024 bits, sent to them via email and stored on the machine (in case the email gets lost).

    If you're lazy, use GPG; otherwise, write your own implementation.
    Dr. Colin Percival, FreeBSD Security Officer
    Online backups for the truly paranoid: http://www.tarsnap.com/

  3. #3
    Join Date
    Jan 2002
    Location
    Kuwait
    Posts
    679
    There is also an EXPERIMENTAL OpenSSL module for PHP:
    http://www.php.net/manual/en/ref.openssl.php
    Ahmad Alhashemi
    PHP, Apache, C, Python, Perl, SQL
    18 related BrainBench certificates

  4. #4
    Join Date
    Nov 2000
    Posts
    3,046
    I would store it in the DB using the method mentioned above (RSA) as long as it is NOT on a multi-user machine (e.g. better be dedicated). I would then email the store owner when they get an order and have a secure backend to login to and view credit cards that need to be processed.

    I would avoid sending ANY private information via email.
    A well-reasoned assumption is very close to fact.
    - Adorno

  5. #5
    Join Date
    Oct 2001
    Posts
    315
    Yup, agree with comphosting. When I build ecommerce sites for customers I do the same thing, just send a notification that "you have an order", and then have them securely log in through an SSL page that actually shows the credit card data. One thing I wanted to add though, I have an extra button that, once they've processed the order, overwrites the credit card information with zeros... no sense storing it. Don't forget - if the server can display the number, then the key is somewhere on the server; someone who hacks root or at least ability to read scripts can gain access to the encrypted data, and the key to unencrypt it.

    I wish there was an easy solution for recurring transactions, short of putting them on a floppy on a workstation and keeping the floppy in a safe.
    Adam
    GetWebSpace.com
    Personal Life Timed Out Due To Inactivity

  6. #6
    Originally posted by getweb
    Don't forget - if the server can display the number, then the key is somewhere on the server; someone who hacks root or at least ability to read scripts can gain access to the encrypted data, and the key to unencrypt it.
    That's why the server should RSA encrypt the sensitive data with a key which is only held by you. With RSA, it is possible to encrypt data on the server but have the server unable to decrypt it; if you're going to be processing the credit card numbers offline, there is no reason for the server to be able to access those numbers.
    Dr. Colin Percival, FreeBSD Security Officer
    Online backups for the truly paranoid: http://www.tarsnap.com/

  7. #7
    Write, your own blowfish algorithm. That way it can be encrypted on the server side, but decrypted on the client side. This would be the best way to take on this situation in my opinion.

  8. #8
    Originally posted by ChickenSteak
    Write, your own blowfish algorithm. That way it can be encrypted on the server side, but decrypted on the client side. This would be the best way to take on this situation in my opinion.


    Blowfish is symmetric. If you can encrypt it on the server, you can decrypt it on the server.

    You want something asymmetric, like RSA or el gamal.
    Dr. Colin Percival, FreeBSD Security Officer
    Online backups for the truly paranoid: http://www.tarsnap.com/

  9. #9
    Originally posted by cperciva




    Blowfish is symmetric. If you can encrypt it on the server, you can decrypt it on the server.

    You want something asymmetric, like RSA or el gamal.

    Yes if they have the key, yet only the people authroized will have the key, and in this sence the "key" is the decryption. Also note how I said client/server I didn't say SERVER/SERVER . Which in this case what he could do is write a c++ script for client side which requires a password to login, and is on client side, and a server side where it just stores the cc#'s. Then the client side goes in & dl's server side to the client side(here is where rsa comes in during the download), and decrypts the c++ program decrypts on the client side.

  10. #10
    Join Date
    Aug 2002
    Location
    Baltimore, Maryland
    Posts
    580
    ahhh, storing cc#'s in databases on WEBSERVERS is a bad idea....but if your gonna do it use blowfish

  11. #11
    Join Date
    Apr 2002
    Location
    AU
    Posts
    1,049
    plaintext and leave it on your webserver with the name order.log

  12. #12
    Join Date
    Jan 2002
    Location
    Kuwait
    Posts
    679
    Hi cperciva,

    I feel for you man
    Ahmad Alhashemi
    PHP, Apache, C, Python, Perl, SQL
    18 related BrainBench certificates

  13. #13
    Join Date
    Jan 2002
    Location
    Kuwait
    Posts
    679
    Let me give you all some friendly advise:

    If you don't understand anything about security, then ..
    Do NOT use Blowfish


    * If you DO understand anything about security then you don't need anybody to tell you not to use blowfish.
    Last edited by Ahmad; 09-08-2002 at 11:51 AM.
    Ahmad Alhashemi
    PHP, Apache, C, Python, Perl, SQL
    18 related BrainBench certificates

  14. #14
    Join Date
    Jan 2002
    Location
    Kuwait
    Posts
    679
    Originally posted by hosticle
    plaintext and leave it on your webserver with the name order.log
    That would be perfect
    Ahmad Alhashemi
    PHP, Apache, C, Python, Perl, SQL
    18 related BrainBench certificates

  15. #15
    Join Date
    Jan 2002
    Location
    Kuwait
    Posts
    679

  16. #16
    Originally posted by hosticle
    plaintext and leave it on your webserver with the name order.log
    Best idea, yet . Well anyway's everyone has there own opinion, it's nothing to argue over.

  17. #17
    Join Date
    Jan 2002
    Location
    Kuwait
    Posts
    679
    Originally posted by ChickenSteak

    Best idea, yet . Well anyway's everyone has there own opinion, it's nothing to argue over.
    That would actually work very well by just adding one more step:

    - Unplug your webserver

    Ahmad Alhashemi
    PHP, Apache, C, Python, Perl, SQL
    18 related BrainBench certificates

  18. #18
    Join Date
    Aug 2002
    Location
    Baltimore, Maryland
    Posts
    580
    Originally posted by Ahmad
    Let me give you all some friendly advise:

    If you don't understand anything about security, then ..
    Do NOT use Blowfish


    * If you DO understand anything about security then you don't need anybody to tell you not to use blowfish.
    u can say that again

  19. #19
    lol

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •