atrum Posted May 27, 2010 Share Posted May 27, 2010 I am currently developing a php web app that is pretty much like quickbooks. I intend this tool to be used by the public, so security is a big deal. I am implementing a feature that will allow users to upload a CVS file from their bank, or other financial institution to the server that gets parsed, split, and entered into a table on a database. Other than using SSL, what other ways can I ensure that the data uploaded is secure. How secure do you think financial information needs to be? Just so I am clear, the information is all transaction and balance related. Nothing along the lines of account number or even what bank they use is stored. Think of it like a big online check balance book. Quote Link to comment https://forums.phpfreaks.com/topic/203109-financial-web-application-security/ Share on other sites More sharing options...
Adam Posted May 28, 2010 Share Posted May 28, 2010 Just so I am clear, the information is all transaction and balance related. Nothing along the lines of account number or even what bank they use is stored. Think of it like a big online check balance book. Given that then, I don't think you need to worry about any legal obligations. To further secure the data though you could encrypt it? Quote Link to comment https://forums.phpfreaks.com/topic/203109-financial-web-application-security/#findComment-1064612 Share on other sites More sharing options...
atrum Posted May 28, 2010 Author Share Posted May 28, 2010 Well, I could encrypt it, but the data needs to be human readable. Is there a way to assign a public / private key pair to each user so that only that user can decrypt the information? Quote Link to comment https://forums.phpfreaks.com/topic/203109-financial-web-application-security/#findComment-1064621 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.