Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options
 
PerlMonks  

Re^3: Paranoid about web application security

by samtregar (Abbot)
on Aug 09, 2005 at 18:59 UTC ( [id://482372]=note: print w/replies, xml ) Need Help??


in reply to Re^2: Paranoid about web application security
in thread Paranoid about web application security

It's not clear to me that this is always the safest option.

Let's be specific - you're worried that an attacker could collect CC numbers by intercepting or viewing traffic between the browser and the client. You propose to reduce this risk by storing CC numbers in the database.

This strikes me as a poor security trade-off. It reduces a rather unlikely threat (you are using SSL right?) in exchange for greatly increasing the value of your database to an attacker.

Also, make sure you consider whether you're allowed to keep those card numbers on file. There are FTC rules about this and the CC processors have rules as well. It's quite likely that what you're suggesting is in violation of those rules. I'm sure there's a way to do this which is in compliance but I doubt it involves keeping CC numbers in the clear in your database. Perhaps the CC processors offer a reusable token?

-sam

  • Comment on Re^3: Paranoid about web application security

Replies are listed 'Best First'.
Re^4: Paranoid about web application security
by adrianh (Chancellor) on Aug 10, 2005 at 10:47 UTC
    This strikes me as a poor security trade-off. It reduces a rather unlikely threat (you are using SSL right?) in exchange for greatly increasing the value of your database to an attacker.

    Amen.

    Not to mention the additional risk of a "trusted" insider getting access to the database. Most fraud is an inside job rather than the results of the wily hacker.

    If you really have to store the credit card numbers then for goodness sake don't store them in plain text.

    For example XOR them with the users password so they can't be accessed on mass, and only decoded on an individual basis when the user is logged on.

    (I'm naturally assuming that you'll only be storing a hash of the user password.)

[reply]
      I was with you until the XOR. Please, use a real encryption algorithm! It's so easy to use strong encryption (via Crypt::CBC and Crypt::Blowfish or any of the others) that there's really no excuse not to.

      -sam

[reply]
        I was with you until the XOR. Please, use a real encryption algorithm! It's so easy to use strong encryption (via Crypt::CBC and Crypt::Blowfish or any of the others) that there's really no excuse not to.

        Good point. My bad.

[reply]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://482372]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others drinking their drinks and smoking their pipes about the Monastery: (7)
As of 2024-04-25 11:37 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found