Re: Re: Encrypting cc_number in uc_payment_credit table.

#1 Wed, 10/31/2007 - 09:22

Posts: 5358
Joined: 08/07/2007

I'd be happy to look over your previous encryption code. Like Doug pointed out, the liability is huge, but folks that are storing whole numbers are probably doing something like offline processing and should be aware that they're not necessarily doing the best thing. I can't use md5() or crypt(), though, because that's just a one way hash... no way to decrypt it. I thought about doing some obfuscation, but I didn't waste my time since it's not real security and anyone could reverse engineer it since Ubercart is open source.

Encrypting cc_number in uc_payment_credit table. By: torgosPizza (16 replies) Tue, 10/30/2007 - 18:49

Encryption of Customer Data By: DeskRocket (11/30/2007 - 00:39)
Yes this is an issue By: deanj200 (11/10/2007 - 16:11)
- Re: Yes this is an issue By: lostcarpark (11/13/2007 - 17:43)
Secure the database By: Lyle (10/31/2007 - 10:02)
Re: Encrypting cc_number in uc_payment_credit table. By: torgosPizza (10/30/2007 - 19:29)
- Don't Save CC Numbers, Even at Checkout By: ChrisAlbrecht (11/29/2007 - 12:48)
  - Clearing out CC numbers upon unsuccessful order By: mmwebdev (01/20/2008 - 20:31)
    - Re: Clearing out CC numbers upon unsuccessful order By: torgosPizza (01/21/2008 - 00:41)
      - Re: Re: Clearing out CC numbers upon unsuccessful order By: Ryan (01/21/2008 - 17:02)
        Re: Re: Re: Clearing out CC numbers upon unsuccessful order By: torgosPizza (01/21/2008 - 17:17)
        Re: Re: Re: Re: Clearing out CC numbers upon unsuccessful order By: Ryan (01/22/2008 - 12:04)
        Re: Re: Re: Re: Re: Clearing out CC numbers upon unsuccessful or By: torgosPizza (01/22/2008 - 12:40)
        Re: Re: Re: Re: Re: Re: Clearing out CC numbers upon unsuccessfu By: Ryan (01/24/2008 - 10:23)
- Re: Re: Encrypting cc_number in uc_payment_credit table. By: Ryan (10/31/2007 - 09:22)
  - Re: Re: Re: Encrypting cc_number in uc_payment_credit table. By: torgosPizza (10/31/2007 - 12:22)
- Storing CC numbers... By: dougdagaz (10/30/2007 - 21:51)

	Drupalcon DC
	Vote now to learn more about Ubercart in these sessions: Ubercart on Drupal 6 Advanced Ubercart Usage Starting Your Own Ubercart Store

	Ubercart Affiliates
	Find payment and hosting services in our Affiliate Directory that support Ubercart development.

	User login
	Username: * Password: * Create new account Request new password

	Fast Invoicing
	We use and recommend FreshBooks for project time tracking and client invoicing.

Ubercart

Re: Re: Encrypting cc_number in uc_payment_credit table.

Navigation

Drupalcon DC

Ubercart Affiliates

User login

Fast Invoicing