-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Before you implement anything, I would do a lot of research about encryption. No offense, but from your question, it is clear that you know next to nothing about encryption. That's fine. A few years ago, I was the exact same way. However, encryption is somewhat complex, so if you're going to do it, you should do it right. In my opinion, poorly implemented encryption can be worse than no encryption at all.
You should also think carefully before storing customers credit card numbers. You should seriously consider whether or not it is really necessary to do so. If it is simply for the purpose of rebilling, a lot of credit card processing API's will handle this for you. Finally, what another poster said is right on the money. If you are in a shared hosting environment, do not even think about handling customers credit cards. There are too many ways security can be compromised on such systems. If that is in fact the case, I would suggest you outsource the customer billing. Remember also that security breaches of this type can seriously damage the reputation of any organization. Aaron - -- Skype: cannona MSN/Windows Messenger: [EMAIL PROTECTED] (don't send email to the hotmail address.) - ----- Original Message ----- From: "Neil Tompkins" <[EMAIL PROTECTED]> To: <mysql@lists.mysql.com> Sent: Saturday, March 10, 2007 4:17 AM Subject: MD5()
I'm looking to use MD5() to encrypt credit card numbers. How do I unencrypt this when reading the value ? Thanks, Neil _________________________________________________________________ Get Hotmail, News, Sport and Entertainment from MSN on your mobile. http://www.msn.txt4content.com/ -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (MingW32) - GPGrelay v0.959 Comment: Key available from all major key servers. iD8DBQFF8tlUI7J99hVZuJcRA+kXAKDEB6EU0QzTrTZu72wPUe+43Pi2TwCeKTFw UDnwBp4Wwt+/n4YAn6SPfl4= =HRjm -----END PGP SIGNATURE----- -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
