CrazyEngineers
CrazyEngineers
Howdy guest!
Dear guest, you must be logged-in to participate on CrazyEngineers. We would love to have you as a member of our community. Consider creating an account or login.
Replies

  • simple

    MemberMay 31, 2008

    Re: doubt on how to store credit card numbers in data base in web enabled applicatio

    Try OpenSSL....also google for it and you will surely find a lot of answers!!
    c ya!!
    Are you sure? This action cannot be undone.
    Cancel

  • Prasad Ajinkya

    MemberJun 1, 2008

    Re: doubt on how to store credit card numbers in data base in web enabled applicatio

    Deepthi,

    Answer is simple. Dont!!

    If you still have to do it (in case you have your own in-house payment gateway), then atleast have the following things in place -

    1. a strong SSL certificate (Thawte, Verisign, et al)
    2. SSL enabled webserver
    3. Stop direct access to the database server
    4. Stop direct root login on the database server
    5. Stop all extra ports on the database and web servers (keep the ssh port open, and that too only for one particular ip)
    6. Keep a strong password policy for both your servers
    7. Have all database accesses from the webserver through the internal interface and not on the external ones

    And that is just the start. Ideally, seek the advice of an ethical hacker on this.

    I would still stick with the first option of not storing the CC no.s 😀
    Are you sure? This action cannot be undone.
    Cancel

  • Gnana Deepthi

    MemberJun 4, 2008

    Re: doubt on how to store credit card numbers in data base in web enabled applicatio

    thanx for suggestions
    Are you sure? This action cannot be undone.
    Cancel
Home Channels Search Login Register