atrum Posted May 27, 2010 Share Posted May 27, 2010 I am currently developing a php web app that is pretty much like quickbooks. I intend this tool to be used by the public, so security is a big deal. I am implementing a feature that will allow users to upload a CVS file from their bank, or other financial institution to the server that gets parsed, split, and entered into a table on a database. Other than using SSL, what other ways can I ensure that the data uploaded is secure. How secure do you think financial information needs to be? Just so I am clear, the information is all transaction and balance related. Nothing along the lines of account number or even what bank they use is stored. Think of it like a big online check balance book. Link to comment https://forums.phpfreaks.com/topic/203109-financial-web-application-security/ Share on other sites More sharing options...
Adam Posted May 28, 2010 Share Posted May 28, 2010 Quote Just so I am clear, the information is all transaction and balance related. Nothing along the lines of account number or even what bank they use is stored. Think of it like a big online check balance book. Given that then, I don't think you need to worry about any legal obligations. To further secure the data though you could encrypt it? Link to comment https://forums.phpfreaks.com/topic/203109-financial-web-application-security/#findComment-1064612 Share on other sites More sharing options...
atrum Posted May 28, 2010 Author Share Posted May 28, 2010 Well, I could encrypt it, but the data needs to be human readable. Is there a way to assign a public / private key pair to each user so that only that user can decrypt the information? Link to comment https://forums.phpfreaks.com/topic/203109-financial-web-application-security/#findComment-1064621 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.