heh my whole database lies on a separate server, and the CC numbers in there look like this
^%@!^%@$!)fwer4ewkahnsdkajlhj7866t43223&$^%#!@!@bslk\][qe2896^$&!@09uepwrhjkl/nda/;lq-098213hkljhklisy87^&*(%@#@)(*POJW}QESKJNQDSKJ982t1837521iugKJALKNSoe8134602984ioLKHANS:IQJH)9712936521543 it's "low tech" cuz i just use this algorithm in my coldfusion template to turn it into that. If anyone needed to find out that number, they will have to hack into my root folder and look at the CFM template. But that's not it. Another part of the algorithm lies in my hard drive somewhere but not in the root folder. And just for good measure, the name of the fields of those CC's has nothing to do with CC's. Also the actual billing table has a field called credit card in it, that contains this... *&^#@*(IUHDSDHO:IHIDO:HDW*(^@IhOID*&^#@*(IUHDSDHO:IHIDO:HDW*(^@IhOID*&^#@*(IUHDSDHO:IHIDO:HDW*(^@IhOID which is just dynamic garbage lol. HAHA, have fun decrypting that my friend! Pyschology is your best tool! >From: "Don Vawter" <[EMAIL PROTECTED]> >Reply-To: [EMAIL PROTECTED] >To: CF-Talk <[EMAIL PROTECTED]> >Subject: Best practices storing CC >Date: Fri, 16 Nov 2001 12:46:38 -0700 > >Any advice on storing credit card info? > > >My thoughts are that it should be stored in a separate db which is not >accessible via web >and have cf push the info to a template behind the firewall to do the >actual >authorization and push the results back to the main server. Does this make >sense or am I making it too complicated (or leaving something obvious out). > >What are recommendatsions on encyption, is DES ok or do I need something >else? > >TIA > >Don > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

