You need to use some form of encryption that uses public and private keys. eg. PGP
You store the public key on the server and the private key somewhere else. You encrypt using the public key, but can only decrypt using the private key. As long as the private key isn't on the server and kept in a safe place then your CC details should be fairly secure.
Regards
Stephen
Andrew Levett wrote:
Afternoon all,
I know its not best practice but we need to store credit card details in
a MySQL db, does anyone know of a safe way to encrypt the cc number?
The main problem I see is that the key will need to be stored within the db as well - therefore I am thinking of using some of the data already in the db as the key.
Anyone got a better idea?
Cheers
Andy
------------------------------------------------------- RAWNET LIMITED - Internet, New Media and ebusiness Gurus
Visit our new website at http://www.rawnet.com for more information about our company, or call us anytime free on 0800 2942424. ------------------------------------------------------- Andrew Levett Web Application Developer, Rawnet Limited Telephone : +44 (0) 1344 393 040 Web : http://www.rawnet.com ------------------------------------------------------- This message may contain information which is legally privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any unauthorised disclosure, copying, distribution or use of this information is strictly prohibited. Such notification notwithstanding, any comments, opinions, information or conclusions expressed in this message are those of the originator, not of rawnet limited, unless otherwise explicitly and independently indicated by an authorised representative of rawnet limited. -------------------------------------------------------
-- ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/
To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] For human help, e-mail: [EMAIL PROTECTED]
