Re: Storing credit card numbers temporarily (OT)


good chemistry is complicated, and a little bit messy -LW
	PerlMonks

Re: Storing credit card numbers temporarily (OT)

by TedPride (Priest)

on Aug 14, 2005 at 22:14 UTC ( [id://483734]=note: print w/replies, xml )

Need Help??

in reply to Storing credit card numbers temporarily (OT)

Depends. If you do your credit card processing offline (like my parents' mail order business), the numbers will have to be stored temporarily anyway. Storing them encrypted with an expiration timestamp should be sufficient, since anyone with access to your hosting account will also be able to edit your ordering system to redirect the credit card numbers elsewhere.

If on the other hand your credit card processing is done in real time, just pass the number encrypted in a hidden form field. Part of the key will stay the same and not be passed, and part will be randomly generated and passed in a hidden form field, perhaps encrypted as well. This prevents someone on the user end from easily decrypting the credit card number, and also prevents someone on the outside from somehow cracking one number and then using the same key to crack every other number.

Comment on Re: Storing credit card numbers temporarily (OT)

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://483734]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others rifling through the Monastery: (7)

As of 2024-04-18 03:22 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found