Jump to content

Secure PHP Hash


SaranacLake

Recommended Posts

3 minutes ago, gw1500se said:

The regular PHP hash is a one way encryption. I cannot be decrypted except via brute force.

So here is a problem that I am trying to solve, and security is of the utmost importance...

I am building a website with subscriptions, and my business rule says that there cannot be more than 2 members per credit card.

My reasoning is that I want to use the credit card payment not only to get $$$, but as a means of connecting a real human being to an user account.

If I allow 50 member accounts for one credit card, then it defeats the point.  (The assumption is that allowing up to 2 member accounts per credit card payment allows for things like spouses or parent-child.)

And, yes, there is always a way to "hack" the system, but I think this approach is sufficient for now.

So if Lisa Smith buys a subscription, I want a *SECURE* way to maybe capture her name/last-4 of credit card/exp date and store it so that each time a new person registers, I can make sure the 2 members/credit card is not succeeded.

Is there any reasonable way that I could do that using a hash, or is that suicide/

(BTW, I will be using Authorize.net for my payment gateway, and maybe they already offer a way to do what i want, but since I am not at the point to where i am setting up the payment gateway to my website, I am trying to think of ways to accomplish what I need just using PHP.)

 

Link to comment
Share on other sites

1 minute ago, gw1500se said:

Define "capture." Are you talking about a way to store the info or to obtain it from a web page?

> So if Lisa Smith buys a subscription, I want a *SECURE* way to maybe capture her name/last-4 of credit card/exp date

> and store it so that each time a new person registers, I can make sure the 2 members/credit card is not succeeded.

 

I am looking for a way to safely store the Cardholder Name + Last-4 of credit card + Exp date (or something like that) so that I can keep track of how many times a credit card is used with respect to new accounts.

The payment details are really the only way I have to link a subscription to a human being, short of calling everyone or something like that.

Does that answer your question?

Link to comment
Share on other sites

Just now, gw1500se said:

Then you are using a database (MySQL) to store the data? When you store the data, encrypt it.

I am not storing the payment details.  Those would go from my checkout form *directly* to the payment processor.

You would need PCI compliance and wicked infrastructure to be storing payment details!!

But I was wondering - probably naively - if you securely hashed just part of the details - enough to uniquely identify a cardholder and the form of payment - if you could then retain that safely and not have to worry about a data breach and getting sued.

I'm pretty sure there is the concept of a "payment token" that does this, and it is used for cases where you have things like recurrent billing (e.g. for subscriptions), but I am not familiar how to do that, and as I recall, the documentation from Authorize.net leaves a lot to be desired.

Link to comment
Share on other sites

39 minutes ago, SaranacLake said:

My reasoning is that I want to use the credit card payment not only to get $$$, but as a means of connecting a real human being to an user account.

I have on my phone an app that lets me create nearly unlimited valid credit card numbers associated to me. I can defeat your system by taking the same measures I would with every other online transaction I enter into: by creating a new virtual card.
That's to say nothing about the fact that I have more than one billable piece of plastic to my name. Trying to say that a credit card is an identity is naive.

Why do you care whether someone uses the same credit card? I pay Netflix for myself and two other people, using three separate accounts, all with the same billing information. Do you think they care?

Link to comment
Share on other sites

4 minutes ago, requinix said:

I have on my phone an app that lets me create nearly unlimited valid credit card numbers associated to me. I can defeat your system by taking the same measures I would with every other online transaction I enter into: by creating a new virtual card.

So how does that work?

I have never heard of virtual credit card numbers before?!

 

4 minutes ago, requinix said:

That's to say nothing about the fact that I have more than one billable piece of plastic to my name.

Most Americans have several credit cards.

 

4 minutes ago, requinix said:

Trying to say that a credit card is an identity is naive.

But it is a start.  Do you have a better idea?  I could make people meet me in person in a parking lot with their gov't issues id...  😉

 

4 minutes ago, requinix said:

Why do you care whether someone uses the same credit card? I pay Netflix for myself and two other people, using three separate accounts, all with the same billing information. Do you think they care?

Because I am creating an online forum, and I want people to have some accountability.

One of the reasons the Internet sucks so much in 2020 is that most online sites and forums and communities are filled with anonymous users that do not behave the same way they would in real life/

The problem I am trying to solve for - and it sounds like you are giving me an "F" once again - is a way to make sure people have "skin in the game".

So my (naive) plan was that if someone creates an account and pays with a credit card, and then they break the TOS, not only do I kick them off of my site, but if they try to create another account using the same details I have a *reasonable* way to stop them.

Now in that design, I know someone could have another credit card with different billing details - I know I do - and of course, nothing is stopping them from using someone else's credit card, but the goal is to create a reasonable deterrent and a way to keep people more accountable.

So since my idea sounds like it it is DOA from the get-go, what better ideas do you have?

(Note: I'm not issuing security clearances, but i don't want to have to deal with dicks/trolls/punks/etc...)

 

Link to comment
Share on other sites

9 minutes ago, SaranacLake said:

I have never heard of virtual credit card numbers before?!

They are the "bank" for a block of credit card numbers. When a transaction needs to be processed it goes to their system and they can handle the charge however they want.

Quote

Because I am creating an online forum, and I want people to have some accountability.

lol

Quote

So my (naive) plan was that if someone creates an account and pays with a credit card, and then they break the TOS, not only do I kick them off of my site, but if they try to create another account using the same details I have a *reasonable* way to stop them.

Riddle me this:

Why the hell would I want to sign up for your community knowing (a) you are taking my personal information, including credit card numbers, in such a way that you are actively trying to establish my identity, (b) are doing so for reasons that have nothing to do with me initiating transactions on your site, but instead (c) are doing so because you want to be able to terminate my account if you decide that you don't like my behavior?

Have you learned nothing from Twitter or Facebook or YouTube? Or from what is happening in China?

Quote

So since my idea sounds like it it is DOA from the get-go, what better ideas do you have?

I can't stop you from going forward with this idea, but I can tell you that I hate it and would never sign up for it.

Link to comment
Share on other sites

3 minutes ago, requinix said:

They are the "bank" for a block of credit card numbers. When a transaction needs to be processed it goes to their system and they can handle the charge however they want.

I just read an article about them.  Not sure I see any real value.  if your credit card get compromised, get a new #.

(If you have to sign up for that service - especially with a 3rd party - you are probably defeating the purposes by having to cough up even more details that can be breached.  That and the article I read mentioned using a browser add-on which i wouldn't touch with a 100 foot ppole!)

 

3 minutes ago, requinix said:

lol

Why is that so funny?

 

3 minutes ago, requinix said:

Riddle me this:

Why the hell would I want to sign up for your community knowing (a) you are taking my personal information, including credit card numbers, in such a way that you are actively trying to establish my identity, (b) are doing so for reasons that have nothing to do with me initiating transactions on your site, but instead (c) are doing so because you want to be able to terminate my account if you decide that you don't like my behavior?

Because every company in the world that sells memberships does this.

What does your gym do?

You gun club?

AAA?

How about the NY Times or Washington Post?

You are paying to join my online community - which is a feature of buying an annual subscription - and if people cause trouble then i want the ability to block them, and not have Russian trolls coming back every 20 minutes with a new email and credit card number.

 

3 minutes ago, requinix said:

Have you learned nothing from Twitter or Facebook or YouTube? Or from what is happening in China?

What does that mean?

You mean "Big Brother" watching you?

If so, the difference is that I am not selling your info like Zuckerberg, and I'm not going to come to your home and beat your family if you mess around.

I would like a reasonably reliable way to keep riff-raff out.

 

3 minutes ago, requinix said:

I can't stop you from going forward with this idea, but I can tell you that I hate it and would never sign up for it.

Nothing personal, but don't be so sanctimonious about online memberships.

I challenge you to get an in person "membership" to any club (Elks Club, golf course, hunting club, tennis club, gym membership, etc)  where there are no reprocussions if you screw around.

How about  even a store or restaurant?

Of course in those cases, they can see who you are.

So why is it so offensive to you that I am trying to protect my online community that is member's only?  (Not the same thing as on online PHP forum...)

 

Either way, so what other things could I do to establish someone's identity - and let's not make it sound like I am China - so if they break the TOS then I would have a way to refuse them service in the future?  (Or to the point of this thread, if their 50 friends use their credit card and THEY screw around, then I need a way to take action.)

 

Link to comment
Share on other sites

Yes this idea is DOA.  First of all, people are loathe in the modern era to provide identifying information.  The less information you require to establish an account the better, if you want people to sign up.  People provide information when they have an incentive to do so.  A "community" where people won't join because it's too much of an annoyance to join will be a ghost town.

In my experience it's hard enough to get people to pay for a service, even a well executed one that people use everyday.  Before stackoverflow, there was experts exchange.  It was once a thriving tech expertise community, then they tried to monetize it by obfuscating the content unless you paid.  This really pissed a lot of people off, and the site went rapidly down hill until it eventually went bankrupt.  SO was started partially in response to EE's poorly executed paywalling scheme, and the rest as they say is history.

Candidly I have been asked many times over the years to come up with ways to prevent people from getting access to a system or to content.  This goes back to days I worked in the gaming and entertainment industry.  There are some interesting case studies as to the effects of over emphasizing piracy or restricting access to content they have paid for, and in every case the employ of those technologies harmed or hampered the business over time.  Meanwhile competitors that wrote off the concern thrived and often overtook competitors that at one time were the market leaders with a huge competitive advantage.  The harder you make things for your users/customers, the worse off the business will be over time.

Link to comment
Share on other sites

14 minutes ago, SaranacLake said:

I just read an article about them.  Not sure I see any real value.  if your credit card get compromised, get a new #.

Clearly you've never had to do that.

Quote

(If you have to sign up for that service - especially with a 3rd party - you are probably defeating the purposes by having to cough up even more details that can be breached.  That and the article I read mentioned using a browser add-on which i wouldn't touch with a 100 foot ppole!)

If they get breached then I'll have to get a new number. But if someone else gets breached then all I have to do is go to the app and disable the card.

Quote

What does your gym do?

AAA?

How about the NY Times or Washington Post?

They don't care who I am. They just bill my credit card.

Quote

You are paying to join my online community - which is a feature of buying an annual subscription - and if people cause trouble then i want the ability to block them, and not have Russian trolls coming back every 20 minutes with a new email and credit card number.

Oh great, so it's an exclusive community. And I have to pay to get access to it. I'm sure the 1% will love it.

Quote

What does that mean?

I don't have the energy for explaining to you all the bad things that happen when companies and institutions have tried to mandate personal identification with their accounts.

Quote

I would like a reasonably reliable way to keep riff-raff out.

There it is.

Quote

I challenge you to get an in person "membership" to any club (Elks Club, golf course, hunting club, tennis club, gym membership, etc)  where there are no reprocussions if you screw around.

How about  even a store or restaurant?

But we're not talking about screwing around. You want to target "anonymous users that do not behave the same way they would in real life". Your goal is to make sure that you have a community full of nice people who have to be careful about what they say lest they offend someone.

Quote

So why is it so offensive to you that I am trying to protect my online community that is member's only?  (Not the same thing as on online PHP forum...)

Do you think PHP Freaks should require proof of identity for all of its members? After all, it's only to "protect our online community".

Quote

Either way, so what other things could I do to establish someone's identity - and let's not make it sound like I am China - so if they break the TOS then I would have a way to refuse them service in the future?  (Or to the point of this thread, if their 50 friends use their credit card and THEY screw around, then I need a way to take action.)

You do the same thing every other online community does: ban the user, keep an eye out for their IP address and familiar activity from other accounts, and move on with your life.

 

I'm done. I have other things to do than fight this. Like I said, I can't stop this from happening, but I'll be damned if I help it along.

Link to comment
Share on other sites

19 minutes ago, gizmola said:

Yes this idea is DOA.  First of all, people are loathe in the modern era to provide identifying information.  The less information you require to establish an account the better, if you want people to sign up.  People provide information when they have an incentive to do so.  A "community" where people won't join because it's too much of an annoyance to join will be a ghost town.

People have to provide a Cardholder Name, Billing Address, and Payment Details just like every e-commerce site since the beginning of time.

If you don;t want to provide that, then you cannot buy a subscription.

Where did i say i was asking for anything else - other than email address?

 

Quote

In my experience it's hard enough to get people to pay for a service, even a well executed one that people use everyday.  Before stackoverflow, there was experts exchange.  It was once a thriving tech expertise community, then they tried to monetize it by obfuscating the content unless you paid.  This really pissed a lot of people off, and the site went rapidly down hill until it eventually went bankrupt.  SO was started partially in response to EE's poorly executed paywalling scheme, and the rest as they say is history.

Let's talk about my use-case...

I am building a website that is part online newspaper and part community.  There will be lots of free content, but for premium content, you have to pay.  And as a paid member, you also get to join the online community and create a profile, chat with others, post comments, and get access to much more.

This is not a new concept, and it works IF you have phenomenal content.

If you don't have a paid Washington Post subscription, you cannot post on their site.  And while they might not kick you off their site if you posted nasty messages, I guarantee you'd be blocked from posting again.  (And if you came back pretending to be someone else, I'm sure they could catch you.)

Don't like that?  They be try CNN or Fox News which are free.

Why is what i am trying to do (i.e. paid subscription) so radical?

 

Quote

Candidly I have been asked many times over the years to come up with ways to prevent people from getting access to a system or to content.  This goes back to days I worked in the gaming and entertainment industry.  There are some interesting case studies as to the effects of over emphasizing piracy or restricting access to content they have paid for, and in every case the employ of those technologies harmed or hampered the business over time.  Meanwhile competitors that wrote off the concern thrived and often overtook competitors that at one time were the market leaders with a huge competitive advantage.  The harder you make things for your users/customers, the worse off the business will be over time.

But I'm not making things "hard".

All I am trying to do is enforce the TOS.

No one is forcing people to buy a subscription.

But if you do, I do expect people to behave - otherwise i end up with a cesspool like social meda...

 

P.S.  I appreciate your feedback, but I don't think I'm being unreasonable here.

 

Edited by SaranacLake
Link to comment
Share on other sites

2 hours ago, SaranacLake said:

Are there any PHP hashes that are extremely secure and that CANNOT be reverse-engineered?

 

Just to go back to the original question, I'm not sure you are clear on what a hash actually is.  A hash takes input and computes the hash.  Hashes are not encryption with associated decryption.  You can not decrypt a hash.   They are also not part of php per se, but like most languages well known hash algorithms are available in php.  Assuming you had a good use case for a hash, then md5 and sha1 are popular options.  The more unique input you provide to the hash, the better it tends to be.

 

Link to comment
Share on other sites

20 minutes ago, requinix said:

Oh great, so it's an exclusive community. And I have to pay to get access to it. I'm sure the 1% will love it.

Lots of undertones there...

 

20 minutes ago, requinix said:

There it is.

And again.

 

20 minutes ago, requinix said:

But we're not talking about screwing around. You want to target "anonymous users that do not behave the same way they would in real life". Your goal is to make sure that you have a community full of nice people who have to be careful about what they say lest they offend someone.

Did you get excluded from some club earlier in life and you're bitter?  *LOL*

The only thing you can do on my website for free is read free content.  Period.

With a paid subscription, you get a lot more.

Don't want a lot more?  Then don't buy a subscription.

Nothing "elite" here.

But IF you buy a subscription, and I give you the ability to talk with others and post comments, then you have to follow the TOS.

If you don't, then you're gone.

And I'm just trying to make it difficult for the same people to come back again and again and slip through, because you know they are only coming back to get revenge.

That's the problem online....  People feel everything should be free and they should be able to behave however they want.  I disagree.

I challenge you to buy a subscription to the NY Times, WP, or Wall Street Journal and become abusive on their websites and see what happens...

 

20 minutes ago, requinix said:

Do you think PHP Freaks should require proof of identity for all of its members? After all, it's only to "protect our online community".

You are twisting what I am doing.

The only info I ask for is e-mail address, password, and payment details - which includes name and billing address.

 

20 minutes ago, requinix said:

You do the same thing every other online community does: ban the user, keep an eye out for their IP address and familiar activity from other accounts, and move on with your life.

But how effect - alone - is that?

 

20 minutes ago, requinix said:

I'm done. I have other things to do than fight this. Like I said, I can't stop this from happening, but I'll be damned if I help it along.

You're fighting with some shadow here.

I asked for clarification on a technical matter, and now you are all mad at me because you don't like the approach i am taking - which is the same approach pretty much every other online paid subscription takes.

 

Link to comment
Share on other sites

Given your comments, I understand your concern.  If you get to the point where your community is successful enough to have the issues you describe then you can pay people (or in some cases entice them to moderate for free) your community.  This is how this forum works.  The forum software does have tools that will blacklist emails and ip's, but neither of those are fool proof.  They still make it an annoyance for anyone who has not automated signups.  The average crackpot will simply move on.  The other thing that we face like most sites with any significant user base, is attempts to spam or advertise.  Again our small volunteer moderation group, along with the forum's ability for people to report posts they think violate our rules insures that we have almost no spam or abuse presence on the forum lasting for any significant amount of time.  More often than not, if I see a report, it has already been handled by one of the other volunteers.

Again, having too many users with some that won't follow the rules is a good problem to have.  I simply happen to believe strongly that it's more important to concentrate on your MVP, and building your traffic and user base than it is to try and engineer a solution to a problem you don't yet have, when you haven't implemented the tried and true, if imperfect, controls that other sites utilize first.

  • Like 1
Link to comment
Share on other sites

19 minutes ago, gizmola said:

Just to go back to the original question, I'm not sure you are clear on what a hash actually is.  A hash takes input and computes the hash.  Hashes are not encryption with associated decryption.  You can not decrypt a hash.

But I don;t want to decrypt anything.

For instance, let's say that "Linda Zeiger" from "123 Main Street" subscribes with a "Visa" ending in "1234" and I create a hash.

Then if Linda got kicked off of my site for breaking the TOS - and after being given a couple of warnings to get in line - then if she came back and tried to create a new account using a new email address, but the same "Linda Zeiger" from "123 Main Street" subscribes with a "Visa" ending in "1234", then i could compare that hash to the stored hash, and determine if I let the registration go through.

Same way logging in works.

Now obviously there are lots of ways to get around that, but to your concern, using a hash would work.

And to my question in my OP, is doing that secure?

I'm guessing it is not allowable by PCI standards, but you never know...

 

19 minutes ago, gizmola said:

They are also not part of php per se, but like most languages well known hash algorithms are available in php.  Assuming you had a good use case for a hash, then md5 and sha1 are popular options.  The more unique input you provide to the hash, the better it tends to be.

SHA1 is super hackable, is it not?

Last I heard, SHA-256 (?) was a better choice, but maybe that is easy to reverse-engineer, and get this from t...

"Linda Zeiger" from "123 Main Street" subscribes with a "Visa" ending in "1234"

 

Link to comment
Share on other sites

5 minutes ago, gizmola said:

Given your comments, I understand your concern.

Tell @requinix that - he now thinks I'm part of the "Deep State" - or is that the "Red State"?!  *LOL*

 

5 minutes ago, gizmola said:

If you get to the point where your community is successful enough to have the issues you describe then you can pay people (or in some cases entice them to moderate for free) your community.  This is how this forum works.

I understand, but you realize that free forums usually end up closing because it becomes a full-time job to clean up troll posts and it becomes unmanageable.

The reason this happens is because there are no incentives online to behave.  No consequences anymore.

But $$$ is king!!  

If people realize they will lose $60 and be blocked for good, they will likely have second thoughts about subscribing if their only goal is to incite riots, or they will think twice before they post.

Maybe I was naive in thinking I could rely on Cardholder Name, Billing Address, and Payment Details as a way to uniquely identify people.

It may not be foolproof, but I still suspect it would eliminate most of the issues.  (I'm sure Requinix completely disagrees with me!)

 

 

5 minutes ago, gizmola said:

The forum software does have tools that will blacklist emails and ip's, but neither of those are fool proof. 

Right, because of free emails and VPNs.

 

5 minutes ago, gizmola said:

They still make it an annoyance for anyone who has not automated signups.  The average crackpot will simply move on.

You think American (or Russian) trolls give up that easy?

 

5 minutes ago, gizmola said:

The other thing that we face like most sites with any significant user base, is attempts to spam or advertise.

Aha, but that is in my TOS.

Willing to pay $60 for a one time spam message that gets you blocked and the message gets deleted?

I'll take the donation!  😉

 

5 minutes ago, gizmola said:

Again our small volunteer moderation group, along with the forum's ability for people to report posts they think violate our rules insures that we have almost no spam or abuse presence on the forum lasting for any significant amount of time.  More often than not, if I see a report, it has already been handled by one of the other volunteers.

It's good that your small army is winning.

 

I just see what happens on sites like Facebook, Twitter and Reddit and I figure that I need more than that - not that I am that successful (yet)!

 

5 minutes ago, gizmola said:

Again, having too many users with some that won't follow the rules is a good problem to have.  I simply happen to believe strongly that it's more important to concentrate on your MVP, and building your traffic and user base than it is to try and engineer a solution to a problem you don't yet have, when you haven't implemented the tried and true, if imperfect, controls that other sites utilize first.

Okay, that may be the wisest thing spoken yet in this thread, and I will concur with you on that.

At the same time, now is indeed a good time to make architectural decisions before the cement hardens!!

 

That being said, could I use a hash securely if it is based off of thinks like Cardholder Name, Billing Address (or part of it), and possibly Last-4 of credit card?  or is that a train-wreck waiting to happen?

 

Also, does anyone here have experience with 'payment tokens" which I believe do the same thing, but which are considered PCI complient?

 

 

 

 

Link to comment
Share on other sites

5 hours ago, SaranacLake said:

...I want a *SECURE* way to maybe capture her name/last-4 of credit card/exp date and store it ...

If I were in your shoes, and were going to proceed, no matter what, in spite of this thread's recommendations against it, I would DEFINITELY 1.) Hire a licensed bonded and insured security firm to do the "limit 2 people per card," coding you require, and 2.) have a darn good liability insurance policy for yourself that covers data breaches!

Link to comment
Share on other sites

3 minutes ago, StevenOliver said:

If I were in your shoes, and were going to proceed, no matter what, in spite of this thread's recommendations against it, I would DEFINITELY 1.) Hire a licensed bonded and insured security firm to do the "limit 2 people per card," coding you require, and 2.) have a darn good liability insurance policy for yourself that covers data breaches!

So you make it sound like using a hash is not nearly as infallible as was said above, right?

I'm guessing that using the "security token"  that most payment gateways offer is probably the safer way...

 

Link to comment
Share on other sites

SaranacLake, even though I am probably the worst PHP person on this whole forum, I was fascinated with encryption and hashes, and a few months ago, I spent almost a full month studying PHP encryption! I don't need it for my own site, I just studied it for the same reason I read this forum -- it is fascinating! I learned how to do lots and lots of encryption, very secure encryption, but I also learned that with ONE little mistake, one slip of the code, ONE server misconfiguration, and you might open yourself up to some big lawsuit (ook at all the big multibazillion dollar companies that have been IN THE NEWS for their stupid data breaches! And they TEAMS of encryption geniuses, working for them, and they STILL couldn't get it right. So, it is a fascinating topic! It's fun to learn! But in my opinion, just my opinion, it would be better to hire a reputable first rate security company to do the credit card portion of the code you require. Then, if worse came to worse, and for whatever reason you had a data breach, you won't be in the awkward position of having to say, "well, I proudly did all the security coding myself, all the forums said my algorithm was secure..." :-)

Again, just my opinion.

  • Like 1
Link to comment
Share on other sites

5 minutes ago, StevenOliver said:

SaranacLake, even though I am probably the worst PHP person on this whole forum, I was fascinated with encryption and hashes, and a few months ago, I spent almost a full month studying PHP encryption! I don't need it for my own site, I just studied it for the same reason I read this forum -- it is fascinating! I learned how to do lots and lots of encryption, very secure encryption, but I also learned that with ONE little mistake, one slip of the code, ONE server misconfiguration, and you might open yourself up to some big lawsuit

Yes, that is true.

 

5 minutes ago, StevenOliver said:

(Look at all the big multibazillion dollar companies that have been IN THE NEWS for their stupid data breaches! And they TEAMS of encryption geniuses, working for them, and they STILL couldn't get it right.

Well, I have spent my career working for "multibazillion dollar companies", and first of all I can tell you that "looks can be deceiving"...

Most of my clients have been run by idiots, regardless of whether or not they made truckloads of money.

Yeah, sometimes a nation-state penetrates a large American corporation, but usually it is freshman errors that brings companies down.

 

5 minutes ago, StevenOliver said:

But in my opinion, just my opinion, it would be better to hire a reputable first rate security company to do the credit card portion of the code you require. Then, if worse came to worse, and for whatever reason you had a data breach, you won't be in the awkward position of having to say, "well, I proudly did all the security coding myself, all the forums said my algorithm was secure..." 🙂

Again, just my opinion.

And a valid point, but my counter would, "If you are afraid that something might blow up with your code, then you best not be a programmer.  There are a million places where things could go wrong, and if you never wanted any risk then you'd never be able to do anything in application development.

PHPFreaks could have a data breach and get sued also, but that doesn't stop the owner from running this forum.

Also, in my case, like most proper checkouts, the data is going directly from a secured webform to my payment gateway, so that's a lot easier to do than, say, storing credit card details in your database.

My hash idea is certainly more risky, but it never hurts to investigate things.

Thanks.

 

Link to comment
Share on other sites

PHPFreaks DID have a data breach! (https://www.cyberinsurance.com/breaches/phpfreaks/)

I had an afterthought.... if I absolutely HAD to store some encrypted customer data, I would lean towards storing their phone number over storing their credit card details. And it would be easy to assign a random "code" via a text message. Nowadays a lot of sites that "want to prove it's really you" will send you a text message with a 6 digit code. You could probably still do a good job at enforcing your 2 people per credit card limit this way (most people have only one or two phone numbers), without having to store (or even see) their card info. Their phone number should still be encrypted properly though, but it looks less catastrophic if phone numbers got revealed rather than credit card numbers :-)

Edited by StevenOliver
  • Like 1
Link to comment
Share on other sites

6 minutes ago, StevenOliver said:

PHPFreaks DID have a data breach! (https://www.cyberinsurance.com/breaches/phpfreaks/)

Thanks for the link!!  (I'm not sure if I knew about this, or if I did know, I forgot, because there is nothing for me to lose here.

 

6 minutes ago, StevenOliver said:

I had an afterthought.... if I absolutely HAD to store some encrypted customer data, I would lean towards storing their phone number over storing their credit card details. And it would be easy to assign a random "code" via a text message. Nowadays a lot of sites that "want to prove it's really you" will send you a text message with a 6 digit code. You could probably still do a good job at enforcing your 2 people per card limit this way, without having to store (or even see) their card info. Their phone number should still be encrypted properly, though, but it looks less catastrophic if phone numbers got revealed rather than credit card numbers 🙂

Yes, I think there are other pieces of info I could use to verify that a person is registering and maintain my 2 accounts/card limit.

Then again, the laws are changing (e.g. California Privacy Act, and GDPR), and like most laws, things are left to interpretation by the courts.

I am also considering calling people after the buy a subscription and having a quick conversation asking them some details, maybe set up some "challenge questions/answers", and basically letting them know that they should consider their membership/subscription to be like they joined some group in real life (i.e. absolutely no bullshit).

Of course, I won't count on Requinix joining anytime soon...  😄

And to @gizmola's point, there is something to be said for focusing first on getting a following, and next some sales, and then maybe stepping up background checks as needed.

 

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.