This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
------_=_NextPart_001_01BFBE73.739BE640
Content-Type: text/plain;
charset="iso-8859-1"
I don't know about CF support, but I hear that a lot of people are using
things like nCipher's products to do this. It is a hardware encryption
accelerator, which also has hardware based PKI.
I think that would be better than removable media.
Also, their cards are tamper resistant -- nothing cooler than seeing a PCI
card encased in clear resin composite.
http://www.ncipher.com
--b
-----Original Message-----
From: James Sleeman [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 15, 2000 7:27 AM
To: [EMAIL PROTECTED]
Subject: Storing Credit Card details securely
A current client wants (against my recommendation) to store credit card
details so as to enable future purchases of customers to be more automated
(a subscription based system). Obviously this needs to be done in as secure
a manner as possible. I just wondered if anybody could give me some
pointers to proven ways of doing this in CF.
My thoughts would be to use some public key encryption system to encrypt
the sensitive data and then have the administrator supply the private key to
the CF application for the limited time that the data needs to be worked
with (perhaps on a per-access basis), I am advantaged by the fact that this
will be on a local server to the client and so the private key could be
stored on some removeable media (i.e disk) physically locked away from
prying eyes and only inserted into the server drive at the appropriate time.
Is there some way to employ strong public key encryption from within CF ?
Better ideas ?
Thanks...
James Sleeman
----------------------------------------------------------------------------
--
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
------_=_NextPart_001_01BFBE73.739BE640
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
5.5.2650.12">
<TITLE>RE: Storing Credit Card details securely</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=3D2>I don't know about CF support, but I hear that a lot =
of people are using things like nCipher's products to do this. It =
is a hardware encryption accelerator, which also has hardware based =
PKI.</FONT></P>
<P><FONT SIZE=3D2>I think that would be better than removable =
media.</FONT>
</P>
<P><FONT SIZE=3D2>Also, their cards are tamper resistant -- nothing =
cooler than seeing a PCI card encased in clear resin composite.</FONT>
</P>
<P><FONT SIZE=3D2><A HREF=3D"http://www.ncipher.com" =
TARGET=3D"_blank">http://www.ncipher.com</A></FONT>
</P>
<P><FONT SIZE=3D2>--b</FONT>
</P>
<P><FONT SIZE=3D2>-----Original Message-----</FONT>
<BR><FONT SIZE=3D2>From: James Sleeman [<A =
HREF=3D"mailto:[EMAIL PROTECTED]">mailto:bitsy_boffin@cyberdude=
.com</A>]</FONT>
<BR><FONT SIZE=3D2>Sent: Monday, May 15, 2000 7:27 AM</FONT>
<BR><FONT SIZE=3D2>To: [EMAIL PROTECTED]</FONT>
<BR><FONT SIZE=3D2>Subject: Storing Credit Card details securely</FONT>
</P>
<BR>
<P><FONT SIZE=3D2>A current client wants (against my recommendation) to =
store credit card details so as to enable future purchases of customers =
to be more automated (a subscription based system). Obviously =
this needs to be done in as secure a manner as possible. I just =
wondered if anybody could give me some pointers to proven ways of doing =
this in CF.</FONT></P>
<P><FONT SIZE=3D2> My thoughts would be to use some public key =
encryption system to encrypt the sensitive data and then have the =
administrator supply the private key to the CF application for the =
limited time that the data needs to be worked with (perhaps on a =
per-access basis), I am advantaged by the fact that this will be on a =
local server to the client and so the private key could be stored on =
some removeable media (i.e disk) physically locked away from prying =
eyes and only inserted into the server drive at the appropriate =
time. Is there some way to employ strong public key encryption =
from within CF ?</FONT></P>
<P><FONT SIZE=3D2> Better ideas ?</FONT>
</P>
<P><FONT SIZE=3D2>Thanks...</FONT>
<BR><FONT SIZE=3D2>James Sleeman</FONT>
<BR><FONT =
SIZE=3D2>---------------------------------------------------------------=
---------------</FONT>
<BR><FONT SIZE=3D2>Archives: <A =
HREF=3D"http://www.eGroups.com/list/cf-talk" =
TARGET=3D"_blank">http://www.eGroups.com/list/cf-talk</A></FONT>
<BR><FONT SIZE=3D2>To Unsubscribe visit <A =
HREF=3D"http://www.houseoffusion.com/index.cfm?sidebar=3Dlists&body=3Dli=
sts/cf_talk" =
TARGET=3D"_blank">http://www.houseoffusion.com/index.cfm?sidebar=3Dlists=
&body=3Dlists/cf_talk</A> or send a message to =
[EMAIL PROTECTED] with 'unsubscribe' in the =
body.</FONT></P>
</BODY>
</HTML>
------_=_NextPart_001_01BFBE73.739BE640--
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
