Exactly as, with any public cflib encryption technique it will show you hope to encrypt it, but conversly it will show you how to decrypt it.
does mySQL have a hashing function anyway? -----Original Message----- From: Stephen Moretti [mailto:[EMAIL PROTECTED] Sent: 17 September 2003 17:00 To: [EMAIL PROTECTED] Subject: Re: [ cf-dev ] Credit card encryption Andrew, You need to use some form of encryption that uses public and private keys. eg. PGP You store the public key on the server and the private key somewhere else. You encrypt using the public key, but can only decrypt using the private key. As long as the private key isn't on the server and kept in a safe place then your CC details should be fairly secure. Regards Stephen Andrew Levett wrote: > Afternoon all, > > I know its not best practice but we need to store credit card details in > a MySQL db, does anyone know of a safe way to encrypt the cc number? > > The main problem I see is that the key will need to be stored within the > db as well - therefore I am thinking of using some of the data already > in the db as the key. > > Anyone got a better idea? > > Cheers > > Andy > > ------------------------------------------------------- > RAWNET LIMITED - Internet, New Media and ebusiness Gurus > > Visit our new website at http://www.rawnet.com for more information > about our company, or call us anytime free on 0800 2942424. > ------------------------------------------------------- > Andrew Levett > Web Application Developer, Rawnet Limited > Telephone : +44 (0) 1344 393 040 > Web : http://www.rawnet.com > ------------------------------------------------------- > This message may contain information which is legally privileged and/or > confidential. If you are not the intended recipient, you are hereby > notified that any unauthorised disclosure, copying, distribution or use > of this information is strictly prohibited. Such notification > notwithstanding, any comments, opinions, information or conclusions > expressed in this message are those of the originator, not of rawnet > limited, unless otherwise explicitly and independently indicated by an > authorised representative of rawnet limited. > ------------------------------------------------------- > > > -- ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] For human help, e-mail: [EMAIL PROTECTED] -- ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] For human help, e-mail: [EMAIL PROTECTED]
