[Zope] Secure storage of credit card info

Jim Sanford jsanford@atinucleus.com
Fri, 9 Jun 2000 07:59:12 -0500 

I use the int value of the datetime of the last transaction multiplied by a
random number generated for each day as the key to encrypt the CC data in my
RDBMS. Once the customer has identified themselves via a cookie or by
entering a customer id I can retrieve the last transaction datetime and use
the appropriate stored multiplier for that day to retrieve their CC info
from my DB.

The CC DB is a separate table in a separate location.

----- Original Message -----
From: "R. David Murray" <bitz@bitdance.com>
To: <zope@zope.org>
Cc: <zcommerce@codeit.com>
Sent: Thursday, June 08, 2000 7:57 PM
Subject: [Zope] Secure storage of credit card info


OK, any of you out there who have thought about ecommerce, cryptography,
and zope, I've got a design question for you.  Actually, this question
is independent of zope, but I need to solve it in a zope context.

You have a ZCommerce site.  You accept credit cards, and securely
communicate with a CC processor to verify the transacton.  Now,
you want to save the CC# and other info in case something needs
to be done with it later, and probably store the CC# so this
customer doesn't have to type it in again later.  Regardless
of whether you are storing this info in a relational database
or in the ZODB, how do you secure that information?  Ideally
I'd like it to be encrypted on disk.  Now, storing it in a database
probably makes it pretty hard to grep out even if a hacker
manages to snarf the database file, but I'd like to encrypt it.
But if I encrypt it, I have to have a decryption key somewhere.
Where do I store the decryption key so that the cracker who
snarfs the database file can't get it (just in memory somewhere?),
and yet have the system be able to boot itself, including having
the key, without human intervention?  It seems to me like
this is a Hard Problem, but I'm not up on the current
cyrptography practice.  So if there is a well known general
solution, I'd love to hear about it.  Otherwise, does anyone
know what current Best Practice is?

--RDM


_______________________________________________
Zope maillist  -  Zope@zope.org
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )