[thelist] Developing secure sites and waiving liability

Judah McAuley judah at wiredotter.com
Mon Jul 15 11:34:02 CDT 2002


John Olival wrote:
> Why don't you store a unique reference number in the database instead of the
> c/c number? E-mail the c/c number and unique reference number) to the
> responsible person at your client. When they process the order/booking
> (after they have downloaded the database), they can find the c/c number
> applicable to that unique booking reference number. An alternative to
> downloading the database is to have an interface (admin area) where your
> client can view the unique bookings on line, instead of downloading the
> database. Since the c/c details are not on the sever, the security risk is
> reduced somewhat.

We've been working on a system to get people CC information while
minimizing the security risks.  We've come up with a solution that works
like this:

When the CC comes in, store only part of the information on the server.
   Store the visitors basic information (unique identifier, basic
billing info perhaps) and the first 12 digits of the credit card in a
file that is stored outside of the web root.

Email off the unique identifier, basic billing info, last 4 digits of
the CC and expiration date to the person who will do the billing.

Create a secure page, lock down to a particular IP address, and require
a username/password.  Use this page to do a lookup of the info stored on
the server based off of the unique identifier/billing info combination
that was emailed off.

Once the report has been generated, wipe the info off of the server.
Run a periodic process that checks to see how long its been since the CC
info was gathered off the server.  Send emails, make phone calls, etc to
make the end user get online and retreive the information.

This method doesn't require encryption (it could be enhanced using it
though) and isn't too onerous on the end user.  It also has the
advantage of never storing all the information in one place at any time
on an Internet accessible machine.  That's probably about as secure as
you can reasonably get.

Hope this helps,
Judah





More information about the thelist mailing list