Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Storing Credit Cards

Status
Not open for further replies.
Modica82

Modica82

Technical User
Jan 31, 2003
410
GB
Hi all,

I was wondering if anyone has any suggestions on securing credit cards in a database. What info should i store and how should it be encrypted? I need a way to be able to get the credit card infomation out, so that it can be processed at a later date if needs be, it is complicated to describe, but the customers do consent to this.

Any ideas or links to good information?

Thanks,

Rob
 
Sort by date Sort by votes
1. Make sure the DB is locked down tight, and anyone with access to it is bonded. I mean anyone. Some DB have an encrypted data type. If your doesn't you can use any encription product you want, and use a transformation program like DataStage TX to put the data into the DB as a BLOB. To get info out, you get info to file, use Password to decrypt and process. This can be does with software like DS TX, but you need the environment to be secure too.



BocaBurger
<===========================||////////////////|0
The pen is mightier than the sword, but the sword hurts more!
 
Upvote 0 Downvote
1. Make sure the DB is locked down tight, and anyone with access to it is bonded. I mean anyone. Some DB have an encrypted data type. If your doesn't you can use any encription product you want, and use a transformation program like DataStage TX to put the data into the DB as a BLOB. To get info out, you get info to file, use Password to decrypt and process. This can be does with software like DS TX, but you need the environment to be secure too.

BocaBurger
<===========================||////////////////|0
The pen is mightier than the sword, but the sword hurts more!
 
Upvote 0 Downvote
Truly - you cannot store credit cards on the server - unless you are CISP compliant. Storing these numbers might cause you to lose your merchant account. And never store the CVV numbers. This will definitely cause you to lose your merchant account.

__________________________
Corey

 
Upvote 0 Downvote
yes there is a large legal responsibility that is very serious indeed, and configure SSL & encryption in db.

hosting company will generally provide ssl with secure e-commerce set up, this will save you a lot of time.
 
Upvote 0 Downvote
This is very hard to do legally...if you are in a big corporation...then you can probably get this done correctly. but otherwise, there is not really any reason to store people's credit card information. I would get a security expert and lawyer if you really want to do this.

David

David Kuhn
------------------
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

belladaisy2018
  • Locked
  • Question
A quick question about credit cards
Replies
3
Views
7K
Moris53
Moris53
elhaix
  • Locked
  • Question
Integrating Rewards Programs with Credit Card Processing in .NET
Replies
0
Views
107
elhaix
elhaix
PPettit
  • Locked
  • Question
Seeking suggestions for a new credit card processing solution
Replies
3
Views
129
CoreyBryant
CoreyBryant
rekenaar
  • Locked
  • Question
Storing logged in user as session variable
Replies
0
Views
44
rekenaar
rekenaar
mikeali
  • Locked
  • Question
how to find a right online credit card processor 1
Replies
14
Views
123
redhatvswin
redhatvswin

Part and Inventory Search

Sponsor

Back
Top