[thelist] Developing secure sites and waiving liability

Judah McAuley judah at wiredotter.com
Tue Jul 16 12:04:01 CDT 2002

Keith wrote:
> 1) do not just email the last 4 digits, email at least 5 or more. The
> reason, the last 4 digits are not random numbers presenting a 10,000
> possible match, they are generated from the first 12 digits with an
> algorithm. Some 12 digit combiniations have less that 100 possible 4 digit
> matches. If someone gets ahold of the first 12 characters they might be
> within 100 tries of finding a match by using the algorithm. The algorithm
> for generating the last 4 characters is well known and available on the
> web, People who pioneered this split storage concept email the last 6
> digits. I also email only a unique transaction number and the 6 digits.

That's really interesting.  I wasn't aware of that.  Do you have any
good links that explain how and why the last 4 digits are generated from
the first 12?

> 2) Andy wants to download a complete CSV for the client. The way I do that
> is have a ssl/login page which lists the unique transaction numbers still
> on the server with a corresponding input field for entering the 6 digits.
> When this is submitted you gather the matching transactions from the
> database, add the 6 digits to the 12, and generate the download on the fly,
> returning a page with the transactions checked off for removal from the
> database.

Also a good idea that I will take under advisement.

> 3) Andy is not shipping goods so this may not apply. When I generate the
> billing download I also generate a second shipping document download file
> that does not include the CC info and can be used for order fulfillment. If
> you're familiar with Perl's printer formats this file can be printed
> directly with page breaks etc for pick lists and packing lists. Likewise,
> if the end user is using software to authorize the credit card a download
> formatted for direct import into that software is a good idea.
> There are a number of remotely hosted shopping carts online that have used
> this dual storage concept for over 5 years without incident in spite of the
> fact that they store e-sales data for thousands of websites daily.

I appreciate the clarification and extension of the method.  I think all
of your points are well taken and its always a good idea to see what
other folks consider best practices.

Thanks for bringing these points up.


More information about the thelist mailing list