Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Encrypting credit card details in the DB itself


m175400

Recommended Posts

Hi all,

 

Right, I have noticed that the credit card details are not encrypted in the MySQL db itself. So am I right in thinking that should anyone get access to the site's DB they have full access to the credit card details of every customer!? I know you can encrypt data in a MySQL table, but to decrypt it for use in an admin area you need a key which you have to hard-code into your site's code, or ask the administrator to key it in each time. You also need to hard-code the same key into the script to encrypt the data on it's way into the db in the first place anyway, so whichever way you look at it, if they get access to your DB and u encrypted the cc details, then it's only secure as long as they don't get access to the key hard-coded into the code in your FTP account anyway, am I right?

 

Basically, where do the web developers responsibilities end is my query? As long as we implement SSL where necessary then the security of the database and FTP as provided by the host is their responsibility, would you agree? As long as, of course, the developer, should they be involved, correctly sets up the right FTP/Database user privileges to prevent the most obvious means of hacking said details?

 

What do you guys think?

 

Thanks!

Link to comment
Share on other sites

Because of the issues you mentioned I felt better to leave the cc customer details out of my dbase and use an external agency for it.

Link to comment
Share on other sites

Your right, only some encription like PGP that uses two keys would be secure. Then you would need to make some decryption method on each client PC you wanted to give access.

 

You might look at the card zapper mod that deletes the cc after the order is completed.

Link to comment
Share on other sites

You can also use the "Split credit card e-mail" feature. This puts half of the number in the DB and sends the other half to you by e-mail. So even if someone gets one or the other, they don't have anything useful.

 

The "card zapper" is also very useful to purge the number from the database once you are done with it.

Link to comment
Share on other sites

Just a thought: If you have the database on your www server you should have in mind that in some countries it is illegal to store the credit card information to front-end server.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...