heh my whole database lies on a separate server, and the CC numbers in there 
look like this

^%@!^%@$!)fwer4ewkahnsdkajlhj7866t43223&$^%#!@!@bslk\][qe2896^$&!@09uepwrhjkl/nda/;lq-098213hkljhklisy87^&*(%@#@)(*POJW}QESKJNQDSKJ982t1837521iugKJALKNSoe8134602984ioLKHANS:IQJH)9712936521543


it's "low tech" cuz i just use this algorithm in my coldfusion template to 
turn it into that.  If anyone needed to find out that number, they will have 
to hack into my root folder and look at the CFM template.  But that's not 
it.  Another part of the algorithm lies in my hard drive somewhere but not 
in the root folder. And just for good measure, the name of the fields of 
those CC's has nothing to do with CC's.  Also the actual billing table has a 
field called credit card in it, that contains this...
*&^#@*(IUHDSDHO:IHIDO:HDW*(^@IhOID*&^#@*(IUHDSDHO:IHIDO:HDW*(^@IhOID*&^#@*(IUHDSDHO:IHIDO:HDW*(^@IhOID

which is just dynamic garbage lol. HAHA, have fun decrypting that my friend! 
  Pyschology is your best tool!




>From: "Don Vawter" <[EMAIL PROTECTED]>
>Reply-To: [EMAIL PROTECTED]
>To: CF-Talk <[EMAIL PROTECTED]>
>Subject: Best practices storing CC
>Date: Fri, 16 Nov 2001 12:46:38 -0700
>
>Any advice on storing credit card info?
>
>
>My thoughts are that it should be stored in a separate db which is not
>accessible via web
>and have cf push the info to a template behind the firewall to do the 
>actual
>authorization and push the results back to the main server. Does this make
>sense or am I making it too complicated (or leaving something obvious out).
>
>What are recommendatsions on encyption, is DES ok or do I need something
>else?
>
>TIA
>
>Don
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Get the mailserver that powers this list at http://www.coolfusion.com
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

Reply via email to