[Gllug] OT : Credit cards in a MySQL Database

[Tethys]

"Calvin la Cock" writes:

>I'm busy developing an e-commerce site that takes cash bookings that is
>secured via a credit card number.
>
>How can I safely safe credit card details in MySQL ? or any other sensitive
>information ? encryption ??

You can't. If you're dealing with financial data, then MySQL is the
wrong choice. You need a real ACID database. If you're intent on
sticking with MySQL, then your options are governed by how you use
the data.

Do you actually need to store the credit card number itself, or is it
just used for authentication? If it's for the latter, then you can just
use a suitable hash of the card number (MD5 or SHA1, for example), and
store that. When the user tries to log in, hash the card number they've
entered, and compare it to the hash on the database. Note, though, that
credit card numbers make very poor authentication tokens, as there are
only a limited number of permutations (far fewer than the 16 digits
would imply).

If you need the number itself stored (for example, if you wish to charge
that card at a later date), then you're eseentially limited to picking a
symmetric encryption algorithm (e.g., 3DES, AES) using that. The problem
becomes how to safely enter the encrpytion key. You don't want to read it
from a file, because if your web applciation can read it, then so can any
intruder that breaks into the box. Ideally, your app would refuse to start
until a human typed in the encryption key. That brings problems for out of
hours failures, but that's what pagers are for, right?

Tet

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug