Best way to store credit card info

[ashattuc]

Hi Folks!

I need to be able to store credit card information taken from an online form. I don't need to hang onto the data too long, but I need to use it to set up several accounts with other providers on my client's behalf.

I've read that sending the data via e-mail is a bad idea, and that it's better to store it encryped in a database. My question is how do you do a 2-way encryption for it? I know you can use the MySQL PASSWORD for 1-way, but I'm cluess on the proceedure for 2-way.

Can anyone help with this?

Thanks!
Chris

[Tarh]

If you have PHP 5 with the mcrypt library installed, it should be an easy task. What you're looking for is called a symmetric block cypher. Since you're operation is mission-critical (storing credit card information), I'd recommend using a cypher such as 256-bit Rijndael (constant in mcrypt is MCRYPT_RIJNDAEL_256).

If you don't have mcrypt, you'll either need to install it or use a third party library.

Keep in mind, all of this server-side encryption doesn't do a thing unless you use strong SSL connections for transferring the credit card information. Also, make sure that you indicate to the users that your system uses encryption, and provide a link to your privacy policy up-front.

If you want to learn more about symmetric block cyphers, listen to episode 33 of Security Now! (or read the transcripts of the 43 minute audio).

[nsj]

64 bit encryption. not all that good, but easier to use :-)

http://php.net/base64encode

and

http://php.net/base64decode

[ashattuc]

So I'm looking at possibly using this tool to encrypt / decrypt the data, and then removing the data from the database as soon as possible:

http://blog.sc.tri-bit.com/archives/101

Any thoughts on that approach?

Thanks,
Chris

[superuser2]

Don't use base64 for storing credit card info, ever. Period. It's not encryption; it's encoding. It's easy to spot and any base64 encoded string can be decoded by any base64 decoder within millionths of a second. There is no "key"; it's not secret, and it is not for storing data that needs to be secure.

Mcrypt.

[Chris Corbyn]

64 bit encryption. not all that good, but easier to use :-)

http://php.net/base64encode

and

http://php.net/base64decode

That is not "64 bit encryption". It's 7 bit for a start. It's "base 64" as in Hex being base16 and decimal being base 10. Base64 is extremely easy to decode... you could pretty easily read a base64 encoded string in your own head if you know how it works, just like many people can interpret hexadecimal (such as quoted-printable) by just looking at it. Even easier if you know that what you're looking at is numeric (i.e. 7-bit ascii all in a close range). Base64 is purely a way of representing strings only with 7-bits. Binary data, or unicode charsets for example use 8-bits and most protocols don't carry 8-bit streams, which is why it's needed.

You need something that encrypts with a key like one of the options from mcrypt.

I think it's pretty critical that people realise base64 is completely readable because I have seen confused with encryption so many times before.

[bokehman]

Just put the data in a file encrypted with GnuPG and send it by email. GnuPG utilizes a public key and a private key. The public key is used to encrypt; the private key is used to decrypt. The private key is stored on your private machine and is used to decrypt the file when it arrives. Most servers have PGP or GnuPG installed and good email clients like Thunderbird have extensions that allow it's reversal (with the correct private key of course).

[TheRedDevil]

ashattuc:
To store credit card numbers legally and safe you need to fullfill the different requirements your cc processor has. In addition you will also need to fullfill the requirements to each debit/credit card company (i.e. visa, master card etc).

This is a difficult process, and since your asking how to do it; you would be better off leaving this to your processor instead of trying to do it yourself.

Your best shot, would be to setup those accounts asap your client clicks submit and never store any cc information.