[Gllug] OT : Credit cards in a MySQL Database
Richard Jones
rich at annexia.org
Tue Jun 17 11:06:43 UTC 2003
On Tue, Jun 17, 2003 at 11:48:49AM +0100, Calvin la Cock wrote:
> Hi,
>
> I'm busy developing an e-commerce site that takes cash bookings that is
> secured via a credit card number.
>
> How can I safely safe credit card details in MySQL ? or any other sensitive
> information ? encryption ??
>
> Any ideas will help.
Ack no! Please don't!!
Storing credit cards at your site is a minefield. You'll need to work
with the bank, install a whole bunch of mandated firewall & security
software, possibly have some tech due diligence too.
Best thing is to steer clear and use either WorldPay or SecureTrading
(I've used the latter and a good friend of mine used the former). Your
site just bounces customers off to WP/ST where they pay. You don't see
any credit card info yourself. Of course you _do_ still need to worry
about security.
> Also, any online transaction clearing companies that you lot worked with
> that is good ? Anyone worked with WorldPay ?
Yup, I've heard that WorldPay are good (or used to be about 2 years
ago), and SecureTrading are good too.
Rich.
--
Richard Jones, Red Hat Inc. (London) and Merjis Ltd. http://www.merjis.com/
http://www.annexia.org/ Freshmeat projects: http://freshmeat.net/users/rwmj
'There is a joke about American engineers and French engineers. The
American team brings a prototype to the French team. The French team's
response is: "Well, it works fine in practice; but how will it hold up
in theory?"'
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list