Credit card processing 'best practice' guidelines / whitepapers
From: Foote Jeremy (Platinion - SYD) (jeremy.foote@Platinion.com)Date: 09/18/01
- Previous message: Baker, Thomas: "RE: nmap-spoofing-question"
- Next in thread: Christian Jean: "Re: Credit card processing 'best practice' guidelines / whitepapers"
- Reply: Christian Jean: "Re: Credit card processing 'best practice' guidelines / whitepapers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <37E90D33E984D511966D00B0D0682084011A23@psymail.syd.platinion.com> From: "Foote Jeremy (Platinion - SYD)" <jeremy.foote@Platinion.com> To: Security-basics@securityfocus.com Subject: Credit card processing 'best practice' guidelines / whitepapers Date: Tue, 18 Sep 2001 10:06:27 +1000
Could anyone point me in the direction (a) white paper(s) on on-line
credit card processing best practice. There are a lot of vendor specific
information out there (here's your problem and here is the vendor x name's
solution) and it may be that a vendor solution is required, I'm not sure.
Thus far, I have determined that there are a few critical steps to ensure
the security of on-line transactions.
Client authentication -- to verify a users identity (In
liability and integrity terms, should this be handled by the application by
a third party vendor?)
Channel security -- to allow private information transfer (man in
the middle attacks aside, a 128 bit SSL solution is apparently the best
option)
Access control -- to enforce user permissions on data (my assumption
here is a database security architecture. Users need to read product
details from a database, write transaction details etc.)
Does anyone have experience with this from an infrastructure
consultants perspective?
Jeremy Foote
MCSE, CCNA, blah blah blah
- Previous message: Baker, Thomas: "RE: nmap-spoofing-question"
- Next in thread: Christian Jean: "Re: Credit card processing 'best practice' guidelines / whitepapers"
- Reply: Christian Jean: "Re: Credit card processing 'best practice' guidelines / whitepapers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
