Beefy Boxes and Bandwidth Generously Provided by pair Networks
Welcome to the Monastery

Re: Storing credit card numbers temporarily (OT)

by TedPride (Priest)
on Aug 14, 2005 at 22:14 UTC ( #483734=note: print w/replies, xml ) Need Help??

in reply to Storing credit card numbers temporarily (OT)

Depends. If you do your credit card processing offline (like my parents' mail order business), the numbers will have to be stored temporarily anyway. Storing them encrypted with an expiration timestamp should be sufficient, since anyone with access to your hosting account will also be able to edit your ordering system to redirect the credit card numbers elsewhere.

If on the other hand your credit card processing is done in real time, just pass the number encrypted in a hidden form field. Part of the key will stay the same and not be passed, and part will be randomly generated and passed in a hidden form field, perhaps encrypted as well. This prevents someone on the user end from easily decrypting the credit card number, and also prevents someone on the outside from somehow cracking one number and then using the same key to crack every other number.

  • Comment on Re: Storing credit card numbers temporarily (OT)

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://483734]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (5)
As of 2018-06-18 03:55 GMT
Find Nodes?
    Voting Booth?
    Should cpanminus be part of the standard Perl release?

    Results (107 votes). Check out past polls.