I'd be happy to look over your previous encryption code. Like Doug pointed out, the liability is huge, but folks that are storing whole numbers are probably doing something like offline processing and should be aware that they're not necessarily doing the best thing. I can't use md5() or crypt(), though, because that's just a one way hash... no way to decrypt it. I thought about doing some obfuscation, but I didn't waste my time since it's not real security and anyone could reverse engineer it since Ubercart is open source.
Re: Re: Encrypting cc_number in uc_payment_credit table.
Wed, 10/31/2007 - 09:22
#1
Re: Re: Encrypting cc_number in uc_payment_credit table.
Encrypting cc_number in uc_payment_credit table. By: torgosPizza (16 replies) Tue, 10/30/2007 - 18:49
- Encryption of Customer Data By: DeskRocket (11/30/2007 - 00:39)
- Yes this is an issue By: deanj200 (11/10/2007 - 16:11)
- Re: Yes this is an issue By: lostcarpark (11/13/2007 - 17:43)
- Secure the database By: Lyle (10/31/2007 - 10:02)
- Re: Encrypting cc_number in uc_payment_credit table. By: torgosPizza (10/30/2007 - 19:29)
- Don't Save CC Numbers, Even at Checkout By: ChrisAlbrecht (11/29/2007 - 12:48)
- Clearing out CC numbers upon unsuccessful order By: mmwebdev (01/20/2008 - 20:31)
- Re: Clearing out CC numbers upon unsuccessful order By: torgosPizza (01/21/2008 - 00:41)
- Re: Re: Clearing out CC numbers upon unsuccessful order By: Ryan (01/21/2008 - 17:02)
- Re: Re: Re: Clearing out CC numbers upon unsuccessful order By: torgosPizza (01/21/2008 - 17:17)
- Re: Re: Re: Re: Clearing out CC numbers upon unsuccessful order By: Ryan (01/22/2008 - 12:04)
- Re: Re: Re: Re: Re: Clearing out CC numbers upon unsuccessful or By: torgosPizza (01/22/2008 - 12:40)
- Re: Re: Re: Re: Re: Re: Clearing out CC numbers upon unsuccessfu By: Ryan (01/24/2008 - 10:23)
- Re: Re: Re: Re: Re: Clearing out CC numbers upon unsuccessful or By: torgosPizza (01/22/2008 - 12:40)
- Re: Re: Re: Re: Clearing out CC numbers upon unsuccessful order By: Ryan (01/22/2008 - 12:04)
- Re: Re: Re: Clearing out CC numbers upon unsuccessful order By: torgosPizza (01/21/2008 - 17:17)
- Re: Re: Clearing out CC numbers upon unsuccessful order By: Ryan (01/21/2008 - 17:02)
- Re: Clearing out CC numbers upon unsuccessful order By: torgosPizza (01/21/2008 - 00:41)
- Clearing out CC numbers upon unsuccessful order By: mmwebdev (01/20/2008 - 20:31)
- Re: Re: Encrypting cc_number in uc_payment_credit table. By: Ryan (10/31/2007 - 09:22)
- Re: Re: Re: Encrypting cc_number in uc_payment_credit table. By: torgosPizza (10/31/2007 - 12:22)
- Storing CC numbers... By: dougdagaz (10/30/2007 - 21:51)
- Don't Save CC Numbers, Even at Checkout By: ChrisAlbrecht (11/29/2007 - 12:48)