Re: keeping credit card numbers safe?

From: -----Nighthawk------ (nNiOgShPtAhMawk@tamu.edu)
Date: 06/19/02 

From: "-----Nighthawk------" <nNiOgShPtAhMawk@tamu.edu>
Date: Wed, 19 Jun 2002 10:42:19 -0500

I would suggest multiple level machines...

Only keep the credit card numbers in a temporary "holding" area... have your
billing etc.. processed from a completely separate machine which is
firewalled and severely restricted in the services offered.

Machine 1 takes registration etc...
Makes secure connection back to machine 2 over 2nd ethernet card on private
IP or even better, depending on what you are running for machines, IPX or
some other non-conventionally routed protocol.

Machine 2 processes payments through firewall.
Machine 2 has no services running on it other than those absolutely
necessary to process the payments.

"Lachlan Ross" <lwross16@hotmail.com> wrote in message
news:aep4sg$1e4j$1@otis.netspace.net.au...
> Hi all,
>
> I need to store creditcard numbers on my web server and need them to be
> protected some how. The reason I need to store them is because the
service
> if for subscribers who get charged each month automatically. ie they
enter
> the creditcard details at signup and then get billed each month
> automatically. The server is able to transmit the card numbers securly
> using to the payment gateway and from the users browser to the server
using
> ssl but how do I store the numbaers on the machine safely.
>
> I thought of encrypting them but to decrypt them, the decryption key would
> need to be on the machine too which defeats the purpose. Any advice would
> be greatly appreciated as I am only learning in this are.
>
> Thanks
>
> Lachlan
>
>

Relevant Pages

  • Re: keeping credit card numbers safe?
    ... ]I need to store creditcard numbers on my web server and need them to be ... The reason I need to store them is because the service ... The server is able to transmit the card numbers securly ... ]I thought of encrypting them but to decrypt them, ...
    (comp.security.misc)
  • Re: keeping credit card numbers safe?
    ... ]I need to store creditcard numbers on my web server and need them to be ... The reason I need to store them is because the service ... The server is able to transmit the card numbers securly ... ]I thought of encrypting them but to decrypt them, ...
    (comp.security.misc)
  • Re: keeping credit card numbers safe?
    ... Only keep the credit card numbers in a temporary "holding" area... ... > I need to store creditcard numbers on my web server and need them to be ... The reason I need to store them is because the ... The server is able to transmit the card numbers securly ...
    (comp.security.unix)
  • Re: IBM RISC 6000 Server Type 7009 worth anything?
    ... >I have a IBM RISC 6000 type 7009 server from a grocery store. ... >have a video card but it has an etherenet card a floppy drive, 2 hdd's, it ... The IBM RS6000 have been around a long time. ...
    (sci.electronics.repair)
  • Re: When Encounter Racism! (OT)
    ... Sorry to hear about your episode in the department store. ... I find though that I am more subject to racism in Thailand than what my wife ... use a check rather than a charge card. ... She proceeded to write my license number on ...
    (soc.culture.thai)