I am building a system that needs to store credit cards, and am trying to make sure they are safe. Here is what I did so far:

 

1) Turned off all the other websites. It was already a dedicated, but I didn't want it to get hit through another site we had.

2) Put the actual numbers in a separate database. All this database does is hold the real number, all the other info is in a regular database. For this new database, I made a new user account - it is the only one that can access it, and only them with select, update and inserts.

3) Made it so that only a few command-line scripts can touch the credit card numbers. These scripts are outside the restricted basedir, so if someone could do a "../../../../../creditCards\0crap.jpg" anywhere in my code, they can't now.

 

Is there more I should do? I thought about encrypting the numbers, but it seems like if they have enough access to my system to get the encrypted passwords, they'd have enough access to just go get the file that decrypts them. I don't want to use ioncube - but it's been suggested, again though, at that point you're more talking about how to stop people with full ftp access to the system.


I thought about encrypting the numbers, but it seems like if they have enough access to my system to get the encrypted passwords, they'd have enough access to just go get the file that decrypts them.

 

not necessarily. for instance, someone could compromise MySQL without compromising apache, php, ftp access, etc.

what if someone directly steals your hardware?  they can just nab the numbers.  unlikely, but if it happens, you've basically just ruined the financial life of anyone who's ever used the system.

 

IMO, the short answer is, you should never have to remember CC numbers.  leave that to the people who have the liability to do so, and the security (both digital and physical) to protect them.  perhaps to get more to the root of the problem, why do you have to store them?  are you yourself processing them to see if they're legitimate?  if not, and you simply want to remember the user's details, the more common approach is to remember the last 4 digits.

We need to keep them on file so users can get billed without retyping them. If they have to reenter their card number every time, they'll buy less stuff. While we use the last four digits for display purposes, we can't run a 4 digit card number through linkpoint.

 

And the way I set it up, I was thinking it would be pretty much impossible to get mysql access to the card database without ftp access, but it still might be worth encrypting them for the few extra minutes it would take. At least then if I need to make backups of the database, I can do so without having to then encrypt them.

 

I don't think I can use an SSL cert, since we already have one for a different subdomain on the server. Unless there is a way to install two that I don't know about, because the price of an unlimited sub-domain cert is insane. I will look to see if there is a way to run two certificates on the same server - I was even thinking about getting a free cert from that one free cert company that only works with Firefox, and then using it if they were using Firefox, and otherwise just switching to the non-SSL version.
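
The two points made above (a MySQL compromise need not include the PHP side, and database backups should not hold readable numbers) come down to encrypting each card number with a key that never lives in the database. The following is an added example, not code from any poster in this thread; it assumes PHP 7.1+ with the OpenSSL extension, and the function names, key path and customer id are hypothetical.

```php
<?php
// Added example: field-level AES-256-GCM encryption of card numbers.
// Assumption: the 32-byte key is kept outside the database and web root,
// readable only by the command-line billing scripts.
function load_key(string $path): string {
    $key = base64_decode(trim(file_get_contents($path)), true);
    if ($key === false || strlen($key) !== 32) {
        throw new RuntimeException('key file must hold 32 base64-encoded bytes');
    }
    return $key;
}

// Returns base64(nonce || tag || ciphertext) for the card-number column.
// The customer id is bound as associated data, so a ciphertext copied
// onto another customer's row fails to decrypt.
function encrypt_pan(string $pan, string $key, string $customerId): string {
    $nonce = random_bytes(12);            // fresh nonce for every encryption
    $tag = '';
    $ct = openssl_encrypt($pan, 'aes-256-gcm', $key, OPENSSL_RAW_DATA,
                          $nonce, $tag, $customerId, 16);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return base64_encode($nonce . $tag . $ct);
}

function decrypt_pan(string $blob, string $key, string $customerId): string {
    $raw = base64_decode($blob, true);
    if ($raw === false || strlen($raw) <= 28) {   // 12-byte nonce + 16-byte tag
        throw new RuntimeException('malformed ciphertext');
    }
    $pan = openssl_decrypt(substr($raw, 28), 'aes-256-gcm', $key,
                           OPENSSL_RAW_DATA, substr($raw, 0, 12),
                           substr($raw, 12, 16), $customerId);
    if ($pan === false) {                 // wrong key, wrong row, or tampering
        throw new RuntimeException('authentication failed');
    }
    return $pan;
}

// Constructed demo: throwaway key and a well-known test card number.
// In production: $key = load_key('/path/outside/webroot/pan.key'); (hypothetical)
$key  = random_bytes(32);
$blob = encrypt_pan('4111111111111111', $key, 'customer-42');
echo "stored column value: $blob\n";
echo "last four: " . substr(decrypt_pan($blob, $key, 'customer-42'), -4) . "\n";
try {
    decrypt_pan($blob, random_bytes(32), 'customer-42'); // a dump without the key
} catch (RuntimeException $e) {
    echo "without the key: " . $e->getMessage() . "\n";
}
```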

(...) because the price of an unlimited sub-domain cert is insane (...)

 

i don't think any price should qualify as being too much for the sake of confidentiality when it comes to finances.

 

I think there are actually laws on retaining credit card information in some countries.  Like the data has to be encrypted with a certain bit strength and so on.  Maybe someone else can either elaborate on this or tell me if I'm crazy.

 

i sure hope there are.

It may mean more sales, but what if someone's account is hacked, and they sue you? You will lose money in the end. Why not just use Paypal, which works perfectly fine? That way they don't have to put in their details every time, and you can use an Instant Payment Notification (IPN) script to log the order or whatever in your database.

...It may mean more sales...

 

That's why.

 

And because being able to only run payments through PayPal seems amateur, and because linkpoint will run a credit card transaction at 1.85%, which is a LOT less than paypal.

 

Down the road we might add paypal and google checkout, but linkpoint seems to be the cheapest way and simplest way to process payments.
