From owner-freebsd-isp Tue May 28 16:15:20 2002 Delivered-To: freebsd-isp@freebsd.org Received: from lemon.national.com.au (lemon.national.com.au [203.57.241.81]) by hub.freebsd.org (Postfix) with ESMTP id 698B937B406 for ; Tue, 28 May 2002 16:15:16 -0700 (PDT) Received: by lemon.national.com.au (Postfix, from userid 5) id F2BF59FBD8; Wed, 29 May 2002 09:04:25 +1000 (EST) Received: from webjump.national.com.au(164.53.27.38) by lemon.national.com.au via csmap (V4.1) id srcAAAKKayN1; Wed, 29 May 02 09:04:24 +1000 Received: (from nconedd@localhost) by webjump.national.com.au (8.10.2+Sun/8.10.2) id g4SN4Lv24667; Wed, 29 May 2002 09:04:21 +1000 (EST) Date: Wed, 29 May 2002 09:04:21 +1000 From: Enno Davids To: Sean Farley Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Web site security questions Message-ID: <20020529090421.Q23636@webjump.national.com.au> References: <20020528171331.I87801-100000@thor.farley.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20020528171331.I87801-100000@thor.farley.org>; from sean-freebsd@farley.org on Tue, May 28, 2002 at 05:22:49PM -0500 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, May 28, 2002 at 05:22:49PM -0500, Sean Farley wrote: | |5) Change code to encrypt the credit card numbers with a public key. | |6) Change code to decrypt the credit card numbers via an encrypted key | stored within the database. | |7) Change code to prompt for a password whenever a credit card number is | pulled from the database. This will take a bit of work to make this | convenient. | There are some obvious key management issues here and clearly you're at least making the attempt to grapple with them, but there is an alternative which is to simply NOT STORE the credit card numbers to begin with. If they're not stored, they can't be compromised. At least not in the routine manner they might be if they're in a database. This may of course require changes to the business model you're offerring (most people want to do recurring billing and want to do it by grabbing and holding onto their customers credit card numbers). You'll be aware that essentially ALL the anecdotal evidence about theft of credit card numbers devolves to people breaking into systems and accessing stored lists/databases. There is essentially no evidence of them being snooped off wires or stolen by trojans or the various other alternatives so far (which may only mean that no one's been caught of course... but its worth considering). Anyway, just a thought, Enno. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message