Simple solution - DON'T display the credit card number at any time unless
the page is secured with strong SSL encryption and even then avoid it if
possible. Use client or session variables to store the CC number - don't use
hidden form fields or URL parameters even if you use encryption on the
val
riginal Message-
From: JustinMacCarthy [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 27, 2000 1:18 PM
To: CF-Talk
Subject: Re: Encrypting a credit card field...
There is a cfx_blowfish somewhere , good security less cpu overhead than PGP
or you chould role your own
For BlowFish
www.count
Also, when you use Encrypt() it will convert to binary format. Therefore,
before storing in a non-binary compatible field or database you need to
convert the encrypted string to base64 via ToBase64(). After extracting the
information from the database for decryption use ToBinary(), then
ToString()
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
cfx_encrypt is freeware and uses blowfish:
http://www.ejim.co.uk/module/encrypt/index.cfm
c
-BEGIN PGP SIGNATURE-
Version: PGP 6.5.8 for message encryption and authentication: USE PGP!
Comment: KeyID: 0x51046CFD
iQA/AwUBOdKAAdaLYehRBGz9EQJ
This is a multi-part message in MIME format.
--=_NextPart_000_018C_01C028A3.ABF0D000
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Encrypting a credit card field...
You can use cfx_hash, for a one way hash, though that may not be the most
useful thin
q
-END PGP MESSAGE-
--
Bud Schneehagen - Tropical Web Creations
_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
ColdFusion Solutions / eCommerce Development
[EMAIL PROTECTED]
http://www.twcreations.com/
954.721.3452
--_-1242031387==_ma
Content-Type: text/html; charset="us-ascii"
<!--
block
There is a cfx_blowfish somewhere , good security less cpu overhead than PGP
or you chould role your own
For BlowFish
www.counterpane.com
and directly
http://www.ejim.co.uk/module/encrypt/index.cfm
Justin MacCarthy
- Original Message -
From: "Mark W. Breneman" <[EMAIL PROTECTED]>
To: "
You can use the standard encrypt and decrypt in Cold Fusion.
Then decrypt it as needed:
-Original Message-
From: Mark W. Breneman [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 27, 2000 10:46 AM
To: CF-Talk
Subject: Encrypting a credit card field...
Good day,
I am loo
8 matches
Mail list logo