[Hidden-tech] Shopping cart security
Peter Hutchins
peter at litmusdesigns.com
Fri Feb 22 09:04:35 EST 2008
Thanks everyone for the feedback on security. The legal/compliance
tips were particularly useful as was the point of not storing the CCV
(I checked with the store owner and indeed, we don't need that data at
all).
thanks,
-pH
On Feb 21, 2008, at 11:09 AM, Charles Uchu Strader wrote:
> Peter,
>
> This scheme does address a lot of potential security issues. Make
> sure you aren't using an email app that is more vulnerable to
> viruses, like the Express version of Outlook. Deleting used data
> immediately is key, even though it is encrypted in the different
> states it exists in.
>
> Also, you may want to review possible impacts related to your
> merchant agreement. Some merchant providers have contract
> restrictions related to what method the credit card information is
> collected, so if you don't have a contract that says you can collect
> the information online then decide if this is an important
> consideration or not.
>
> Charles Uchu Strader
> charles at gaiahost.coop 1-800-672-8060 x803
> -----------------------------------------------------
> GAIA Host Collective, LLC http://www.gaiahost.coop
> -----------------------------------------------------
> "Internet hosting from an environmentally and
> socially concerned worker-owned cooperative"
> -----------------------------------------------------
>
>
> Peter Hutchins wrote:
>>
>> ------------------------------------------------------------------------
>>
>> I'd like to run a development concept past the security minded
>> folks out there for some critical feedback:
>>
>> I'm setting up a shopping cart for a client who wants to process
>> credit card purchases "offline", i.e.: run the transaction through
>> their credit card terminal as though it were a phone order without
>> a web-based payment gateway or merchant account. This obviously
>> requires collecting and storing critical credit card data until the
>> store owner processes the transaction, at which point the critical
>> data can be deleted.
>>
>> Here's my proposed solution for securely handling the data:
>> 1. CC info is gathered in an SSL-encrypted form
>> 2. expiration data and ccv are written to a database and encrypted
>> via MySQL's AES_ENCRYPT() (this DB is separate from the regular
>> store DB providing separate password protection, in case the first
>> DB is compromised)
>> 3. credit card number is split into two parts, with one half being
>> encrypted and written to the database with the transaction above
>> 4. the other half of the credit card number is written to a file
>> that is encrypted with GnuPG and emailed to the store owner
>> (protecting it with a Private/Public key and passphrase).
>> 5. when the store owner gets the email, he logs into the store
>> admin, views the online credit card info, processes the order and
>> deletes the online data from the database and the email from his
>> inbox.
>>
>> - One issue I see is that the database login and encryption key for
>> that half of the process must be stored on the server, rendering it
>> vulnerable to compromise, but the other half of the CC info is
>> still protected.
>>
>> So, my questions are:
>> - Is this secure "enough"?
>> - Is there a better way?
>>
>> Thanks!
>> -Peter Hutchins
>>
>>
>> : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : :
>> Peter Hutchins
>> Litmus Designs
>> 505 S. Albany St.
>> Ithaca, NY 14850
>> 413.582.7038 voice
>> 413.517.0596 fax
>> www.litmusdesigns.com <http://www.litmusdesigns.com>
>>
>> web design, custom programming & graphic design
>> : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : :
>> ------------------------------------------------------------------------
>>
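The database half of the scheme quoted above (steps 2, 3 and 5), as an added example that is not code from the thread. It assumes MySQL, leaves out the CCV as the follow-up message concludes, and uses hypothetical table, column and variable names (`pending_cards`, `@card_key`) with a constructed test card number; which half of the number goes to the database is also an assumption.

```sql
-- Added example; table, column and variable names are hypothetical.
-- Lives in the separate card database, not the regular store database.
CREATE TABLE pending_cards (
    order_id      INT UNSIGNED NOT NULL PRIMARY KEY,
    pan_half_enc  VARBINARY(32) NOT NULL,  -- AES_ENCRYPT() returns binary data
    exp_enc       VARBINARY(32) NOT NULL,
    created_at    TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP
    -- no CCV column: the store owner does not need it, so it is never stored
);

-- The key is supplied by the application for each connection
-- (placeholder value here) and is never written to a table.
SET @card_key = 'REPLACE-WITH-KEY-FROM-APP-CONFIG';

-- Steps 2 and 3: store the encrypted expiration date and one half of the number.
-- '4111111111111111' is a constructed test number. Assumption: the first half
-- is stored here; the other half ('11111111') goes only into the
-- GnuPG-encrypted email and never reaches this table.
INSERT INTO pending_cards (order_id, pan_half_enc, exp_enc)
VALUES (1001,
        AES_ENCRYPT(LEFT('4111111111111111', 8), @card_key),
        AES_ENCRYPT('02/10', @card_key));

-- Step 5: the admin page decrypts the stored half for display.
SELECT order_id,
       CAST(AES_DECRYPT(pan_half_enc, @card_key) AS CHAR) AS pan_first_half,
       CAST(AES_DECRYPT(exp_enc, @card_key) AS CHAR)      AS expiration
FROM pending_cards
WHERE order_id = 1001;

-- Step 5, continued: delete the row as soon as the order is processed.
DELETE FROM pending_cards WHERE order_id = 1001;

-- Safety net for orders never marked processed (7 days is an assumed limit).
DELETE FROM pending_cards WHERE created_at < NOW() - INTERVAL 7 DAY;
```

With MySQL's default settings AES_ENCRYPT() uses AES-128 in ECB mode, so equal plaintexts encrypt to equal ciphertexts under the same key. The statement text, including the plaintext digits, can also end up in the general or binary log if those are enabled.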