[Date Prev][Date Next][Thread Prev][Thread Next][Interchange by date ][Interchange by thread ]

Re: [ic] Credit Card Authorisation/Processing

To: interchange-users@interchange.redhat.com
Subject: Re: [ic] Credit Card Authorisation/Processing
From: Dan Browning <db@cyclonehq.dnsalias.net>
Date: Tue, 18 Sep 2001 17:48:13 -0700
In-Reply-To: <DMECJDCHILJMMNOPACDEKENLCAAA.rossc@bigpond.net.au>

At 09:35 AM 9/19/2001 +1000, you wrote:

>What other options are there with the credit card besides automated payment
>services and an e-mail sent to a local user. Is it possible to get
>Interchange to store the credit card number in the customer profile so that
>it can be remembered/kept on file, and is it possible to display the credit
>card number in the order process section of the administration interface, or
>even in a report that would be printed off with a list of 'waiting for
>credit check' orders and the corresponding credit card # and items ordered.
>Any documents that have a section focused on credit card handling routines
>etc?
>
>Thanks,
>Ross Cousens
>
>P.S. I realise this is a "security risk", but we have a few other methods we
>plan to implement to keep the credit card info secured.

Yes, it is possible.  In fact, I'll prevent a different point of view here 
in that I think it can even be done in a *secure* (although inconvenient) 
way.  I think Russ Mann went down that road a while back in a thread "CC 
Info in UserDB".

The problem that many site with storing CC numbers is this:

* Store encrypted credit card numbers on server (not plaintext, which is 
brain-damaged)
* In order to use payment gateway, you have to have private key file on 
server to decrypt
* A hacker comes in and steals your encrypted cc numbers: that's bad enough 
(brute force, etc.)
* A hacker comes in and steals your encrypted cc numbers AND your private 
key file: now they only have to crack your private-key passphrase or your 
ssh-agent

Therefore, the only secure solution is to do off-line cc processing.  That 
is where the encrypted cc number is e-mailed *once* to your secure location 
which can handle the decryption, and only identifying information is used 
on the server again (first 2 / last 4 digits of cc number) for customers to 
select their card, and for the secure location to know which card to use 
when processing.

So when you do off-line processing I think it's a great thing from a 
marketing standpoint.  Any dissenters out there?  I'm wondering right now 
if I already missed some loopholes through that method as well, anyone see 
some?  Of course, how one handles a "secure location" to receive e-mails is 
a whole 'nuther can of worms.

I would love to do it for my clients, so I'm interested in how it goes for 
you and your finished source code -- even if you end up storing the 
encrypted cc numbers and private key on your server.  I'm not sure if Russ 
Mann ever got everything working like he wanted or not, but maybe he will 
weigh in.

Oh, and, make sure you put on your asbestos suit for asking that question.  :-)

HTH, HAND,

Dan Browning <danpb@mail.com>

_______________________________________________
interchange-users mailing list
interchange-users@interchange.redhat.com
http://interchange.redhat.com/mailman/listinfo/interchange-users

References:
- [ic] Credit Card Authorisation/Processing
  - From: "Ross Cousens" <rossc@bigpond.net.au>

Prev by Date: Re: [ic] Please help with pgp issue, please.
Next by Date: RE: [ic] Credit Card Authorisation/Processing
Prev by thread: RE: [ic] Credit Card Authorisation/Processing
Next by thread: [ic] Undefined catalog (Server.pm line 182)
Index(es):
- Date
- Thread