Re: mysql and credit cards

So sprach »Alexander 'Digital Projects' Skwar« am 2001-07-26 um 18:48:15 +0200 : > MySQL's builtin ENCRYPT() function is good enough. No need to worry Uhm, is ENCRYPT decryptable? Anyhow, I was rather thinking about ENCODE()/DECODE(). > PS: filter sql Alexander Skwar -- How to quote: http:

[fwd] Re: mysql and credit cards (from: ASkwar@DigitalProjects.com)

So sprach »William R. Mussatto« am 2001-07-25 um 23:01:49 -0700 : > But what happens when the customer returns the product? You no longer > have the cC to do a chargeback Have him enter it again. Explain that this is done to increase the security and he may be fine. If not - well he's already

[fwd] Re: Re: mysql and credit cards (from: mysql@lists.mysql.com)

database,sql,query,table So sprach =BBPeter van Dijk=AB am 2001-07-25 um 23:59:48 +0200 : > That is only true for a parallel cipher. A non-parallel cipher (like Yep, that's why I said symetrical encryption. Asymetrical enc.'s work like you explained. Alexander Skwar -- How to quote: http://

Re: mysql and credit cards

So sprach »Fletcher Sandbeck« am 2001-07-25 um 15:08:48 -0700 : > I would counter that symmetric encryption is reasonably easy to > implement and provides a modicum of security, so why not go ahead and > do it. Just don't be fooled that a determined individual won't be > able to defeat your encr

Re: mysql and credit cards

On Wednesday 25 July 2001 17:53, Elvis wrote: > You can always degrade the credit card. > > 1) verify AUTH ONLY (not capture) with your CC provider. (if you want to verify they have funds available and the CC is valid) > 2) store the CC # in the database > 3) ..do your order processing thing or

Re: mysql and credit cards

letcher Sandbeck <[EMAIL PROTECTED]>, > mysql <[EMAIL PROTECTED]> > Subject: Re: mysql and credit cards > > You can always degrade the credit card. > > 1) verify AUTH ONLY (not capture) with your CC provider. (if you want to verify they >have funds available and

Re: mysql and credit cards

ated > somewhere else, would allow you to 'transport' the tables containing the > sensitive data (i.e. credit card info) with some sense of security... > > - Original Message - > From: "Fletcher Sandbeck" <[EMAIL PROTECTED]> > To: "mysql&quo

Re: mysql and credit cards

you to 'transport' the tables containing the sensitive data (i.e. credit card info) with some sense of security... - Original Message - From: "Fletcher Sandbeck" <[EMAIL PROTECTED]> To: "mysql" <[EMAIL PROTECTED]> Sent: Wednesday, July

Re: mysql and credit cards

On 7/25/01 at 7:12 PM, Alexander Skwar wrote: > However, if you need to reconstruct it, nothing is safe. And that's > quite simple: > a) You need to get access to the MySQL server. Impossible to do from > the outside if '--skip-networking' is used. > b) So, only possible from the localhost. Th

Re: mysql and credit cards

On Wed, Jul 25, 2001 at 07:12:17PM +0200, Alexander Skwar wrote: [snip] > 'encryption'? Hmm, how about: none? If you don't need to reconstruct > the cc#, md5 will be good. Indeed. That is however rarely the case with credit card numbers. > However, if you need to reconstruct it, nothing is saf

Re: mysql and credit cards

So sprach »Alan Cox« am 2000-02-20 um 11:57:47 -0500 : > Greetings: I was wondering if anyone has any ideas about the best way to > store credit cards in a database ... and I'm not referring that much to the > field type, but rather encrytption techniques. 'encryption'? Hmm, how about: none? If

Re: mysql and credit cards

Depending on the 'environment' (i.e. O/S you're using), the tools available might be different... But, using Linux (and I'm sure any other 'flavor' of Unix), my company used the latest 'libmcrypt' to encrypt the credit card numbers (as well as the user passwords) within a PHP function prior to