
mySQL connection and sensitive data safety

Posted: Mon Jan 24, 2005 8:29 pm
by Stryks
Back again.

I've been doing some research into the security of my site, as part of the data being collected is financial information such as credit cards, as well as address information and general site usage patterns.

I started out looking at SSL for my forms and cookies so that they would be relatively safe from tampering and packet sniffers. I was interested in packet sniffers though, so I researched that some more, only to realise that if a hacker was in a position to sniff out passwords from my site's forms, they could just as easily be sniffing out the data as it is fed out of the database. This information would appear to include the username and password for the database itself.

Can anyone tell me what the preferred way to deal with this is? Should I just encrypt the really sensitive information such as the credit card info before I add it to the database, so that at best all they could get would be the encrypted version?

Any opinions / solutions welcome. I think I'm getting paranoid. :?

Posted: Mon Jan 24, 2005 9:19 pm
by feyd
On the sites I've worked on where credit card information was passed around, we used offsite storage and processing for that. We didn't want the liability of having to secure the server that well, when we definitely weren't experts in that field.

So, in short, I'd recommend to not store any of that information. Either require them to submit it every time, or have the data stored offsite.

Posted: Mon Jan 24, 2005 10:33 pm
by Stryks
Can you clarify what you mean by 'offsite storage'?

My problem is that the card details aren't for 'once off' use. It's on more of a subscription basis, where the user authorises us to take payments each month.

But you're probably right in regards to it being a liability, and I guess the more time the data spends in the site the more vulnerable it is.

But still, I need to get the credit card data (collected with SSL) to me so that I can store the data externally to the site.

What other alternatives are there? Thanks.

Posted: Mon Jan 24, 2005 10:43 pm
by feyd
We typically send the user to the credit processing company's site for card entry.. everything else, we keep.. as that's far less of a danger.