Date: Wed, 29 May 2002 10:54:45 -0500 (CDT) From: Sean Farley <sean-freebsd@farley.org> To: Enno Davids <nconedd@webjump.national.com.au> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Web site security questions Message-ID: <20020529104123.T92401-100000@thor.farley.org> In-Reply-To: <20020529090421.Q23636@webjump.national.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 29 May 2002 09:04, Enno Davids wrote: > On Tue, May 28, 2002 at 05:22:49PM -0500, Sean Farley wrote: > | > |5) Change code to encrypt the credit card numbers with a public key. > | > |6) Change code to decrypt the credit card numbers via an encrypted key > | stored within the database. > | > |7) Change code to prompt for a password whenever a credit card number is > | pulled from the database. This will take a bit of work to make this > | convenient. > | > > There are some obvious key management issues here and clearly you're at > least making the attempt to grapple with them, but there is an alternative > which is to simply NOT STORE the credit card numbers to begin with. If > they're not stored, they can't be compromised. At least not in the routine > manner they might be if they're in a database. This may of course require > changes to the business model you're offerring (most people want to do > recurring billing and want to do it by grabbing and holding onto their > customers credit card numbers). At first, the costs are against using an online credit card processor, but I hope to move to using one soon. In the mean time, I think I will change the code to delete the card number when the card has been charged. This should limit the number of cards that can be stolen. The question in my mind is whether my encryption scheme is worth it. Do the thieves dump the database and run? Or will they be more elaborate and do something to obtain the password for the key? You would not happen to have any recommendations for inexpensive yet good processors? Please no Athlon or Pentium suggestions. :) > You'll be aware that essentially ALL the anecdotal evidence about theft of > credit card numbers devolves to people breaking into systems and accessing > stored lists/databases. There is essentially no evidence of them being > snooped off wires or stolen by trojans or the various other alternatives so > far (which may only mean that no one's been caught of course... but its > worth considering). The database is the main target and not the application. That is good to know. It tells me where to focus my efforts, but I will still take precautions against snooping methods. Sean ----------------------- sean-freebsd@farley.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020529104123.T92401-100000>