
What to do with credit card numbers


MatthewP (Programmer, GB), Jan 16, 2001:
I'm just wondering what is the best thing to do with credit card numbers when they are taken in through a secure connection.

Currently we do not store the numbers, but have them emailed to us immediately via PGP. We are thinking about moving to a server that does not offer PGP, so I am trying to find out what is the best thing to do.

Can we store them in a database and retrieve them through some password- and referrer-based script, based on a form in a secure directory? Is this secure enough?

I take the subject very seriously, and I really need some expert help with this one as I am not entirely sure of the risks involved or the options available.

Thanks,
Matt.
 
I'd find a server that offered PGP.

But if that's not possible, someone else here had a good idea, which was to have two database UserIDs -- one of which you use for everything, and only has write-only access to the credit-card table. You'd have another ID that you'd use from your back-office software to read the table (this ID wouldn't be stored anywhere on the server).

The worst-case scenario is that your credit-card table gets filled up with junk. But at least the numbers weren't stolen.

If you're not already using a good database (like MSSQL, Oracle, DB2, MySQL), I'd find one. I'd skip MS-Access if I were you -- it's not that secure.

Chip H.
 
Sounds very interesting - this is related to the discussion about hiding passwords on the PHP forum recently, I guess. Um... can anyone point me in the direction of some info (books, websites, whatever) on setting up database user IDs? Ours came with one only, and I don't really know enough about the subject to do this myself.

Thanks,
Matt.
 
Matthew -

That must be where I saw the idea (PHP forum).

What database are you using? They are all different in the methods used to add users.

Chip H.
 
Thanks Chip.

The database is MySQL. I'm alright with programming it, but it came with a name and password already and I've not had to do anything else to it as yet regarding user IDs etc.

Maybe the host can sort this one out for me, but again, if you know of any useful info then that'd be great.

Cheers,
Matt.

 
Sorry -

That's the one database I haven't done anything with (yet).

Chip H.
 
See and
The first link shows how to add users to the system, and the second has more info about securing MySQL.

(I happen to be the one with the dual user idea for an E-commerce database :)

I would recommend, also, that if you are implementing a scheme like this you NEVER log into your system without encryption, and NEVER run any access to the database from the web without being in secure server mode. Forget about telnet and FTP; use SSH and sftp, and close off all other ports except 22 (secure shell) and port 80.
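The two-account scheme Chip describes above (one ID that can only write to the card table, one back-office ID that can read it and is never stored on the web server), worked through for MySQL. This is an added example, not code from the thread or from the links rycamor posted. The database name `shop`, the table `cc_orders`, the account names `web_writer` and `office_reader`, the back-office address 192.0.2.10 and the passwords are all placeholders to be replaced; the card number in the commented check is the standard Visa test number. `CREATE USER` assumes MySQL 5.0 or later; on older releases the `GRANT ... IDENTIFIED BY` form creates the account in one step.

```sql
-- Added example: least-privilege MySQL accounts for a card-capture table.
-- Names (shop, cc_orders, web_writer, office_reader, 192.0.2.10) and
-- passwords are placeholders, not from the original thread.

CREATE DATABASE IF NOT EXISTS shop;
USE shop;

-- Card data lands here. The web tier only ever appends rows.
CREATE TABLE IF NOT EXISTS cc_orders (
    id          INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
    order_ref   VARCHAR(32)  NOT NULL,
    card_holder VARCHAR(80)  NOT NULL,
    card_number VARCHAR(19)  NOT NULL,   -- better: encrypt before INSERT
    card_expiry CHAR(5)      NOT NULL,   -- MM/YY
    created_at  TIMESTAMP    NOT NULL DEFAULT CURRENT_TIMESTAMP
);

-- 1. The account the web application connects as. It gets INSERT and
--    nothing else on the card table: a compromised web script can fill the
--    table with junk, but cannot read, change or delete what is already there.
CREATE USER 'web_writer'@'localhost' IDENTIFIED BY 'change-me-web';
GRANT INSERT ON shop.cc_orders TO 'web_writer'@'localhost';
-- Anything else the site needs gets its own table-level grants, still with
-- no SELECT on cc_orders, e.g.:
-- GRANT SELECT, INSERT, UPDATE ON shop.products TO 'web_writer'@'localhost';

-- 2. The back-office account that actually reads card numbers. Its password
--    lives only on the office machine, and the account may connect only
--    from that machine's address, so the credentials are useless to anyone
--    who has taken over the web server.
CREATE USER 'office_reader'@'192.0.2.10' IDENTIFIED BY 'change-me-office';
GRANT SELECT, DELETE ON shop.cc_orders TO 'office_reader'@'192.0.2.10';

FLUSH PRIVILEGES;

-- Check from the web account: this succeeds ...
-- INSERT INTO shop.cc_orders (order_ref, card_holder, card_number, card_expiry)
--   VALUES ('A1001', 'J. Smith', '4111111111111111', '12/03');
-- ... and this is refused with "SELECT command denied to user 'web_writer'":
-- SELECT card_number FROM shop.cc_orders;

-- Confirm the grants are exactly what you intended before going live.
SHOW GRANTS FOR 'web_writer'@'localhost';
SHOW GRANTS FOR 'office_reader'@'192.0.2.10';
```

Two caveats worth keeping in mind with this layout. First, the web account can still insert arbitrary rows, so the back-office software must treat everything it reads from `cc_orders` as untrusted input rather than as data it wrote itself. Second, the privilege split protects data at rest in the table, not the connection: if the office machine reads the table over the network, that session needs to be encrypted too (an SSH tunnel, or MySQL's own SSL support where available), in line with rycamor's advice above about never accessing the database without encryption.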
 
rycamor -

Then you're the one I should have credited. I like the idea -- simple, yet effective!

Oh, and you forgot to tell him to leave the https port open (493, I think).

Chip H.
 
Oh, yes, er... thanks (lol). Leave port 443 open, and configure Apache to only let your nonsecure pages be served through port 80.
 