Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling

Re: Encrypting Credit card numbers

by spacewarp (Pilgrim)
on Apr 23, 2001 at 07:33 UTC ( #74638=note: print w/replies, xml ) Need Help??

in reply to Encrypting Credit card numbers

I freely admit that I have no experience encrypting sensitive data, but as I read through the responses on this thread, a rather queer idea occurred to me:

Would would everyone think of a system whereby the user chooses a password when then enter their CC#. On the server, that password in encrypted using crypt() or some similar one-way encryption, and then the line of gibberish that is the encrypted password is used as the key for the encryption on the actual CC#. That way, the numbers can be stored on the server, while the keys aren't.

Would something like this work?


Use of this advanced computing technology does not imply an endorsement
of Western industrial civilization.

Replies are listed 'Best First'.
Re: Re: Encrypting Credit card numbers
by turnstep (Parson) on Apr 23, 2001 at 15:25 UTC

    This would also not address the original problem of having automated, recurring transactions with no card-owner interaction. You can scramble the credit card numbers eight ways till Tuesday, but at some point, they must be unscrambled and sent to the bank.

Re: Re: Encrypting Credit card numbers
by petethered (Pilgrim) on Apr 23, 2001 at 08:45 UTC
    Not really a secure option since if the code gets read you can figure out how to generate the key.


    insert into pete values('red hair','near green eyes','overinflated ego');

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://74638]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others scrutinizing the Monastery: (3)
As of 2023-10-04 02:50 GMT
Find Nodes?
    Voting Booth?

    No recent polls found