Data Encryption

A database that stores a lot of credit card information is an inevitable part of the system we have just completed. What I want, though, is ultimate security of the card numbers, whereby we set up a mechanism to encrypt and decrypt but of ourselves cannot decrypt any given number.

What I am after is a way to secure this information even down at the database level so no one can go in and produce a file of card numbers. How have others overcome this issue? What is the 'Standard' approach to this?

As for usage of the data, well, the links are all private and secure, and no transmission of the card number is performed except when a record is created, and that is encrypted, so I am not worried about the front end, just the back end.


Well the database is ORACLE so I have PL/SQL and Java to play with.

Andrew Wood asked Sep 12 '08 15:09




2 Answers

There's no shortage of processors willing to store your CC info and exchange it for a token with which you can bill against the stored number. That gets you out of PCI compliance, but still allows on-demand billing. Depending on why you need to store the CC, that may be a better alternative.

Most companies refer to this as something like "Customer Profile Management", and are actually pretty reasonable on fees.

A few providers I know of (in no particular order):

  • Authorize.NET Customer Information Manager
  • TrustCommerce Citadel
  • BrainTree
Mark Brackett answered Oct 14 '22 21:10
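The token arrangement described in this answer, sketched as an added example that is not part of the original post and not any provider's API: `TokenVault` is a hypothetical in-memory stand-in for the processor's side, SQLite stands in for the merchant's Oracle database, and the card number is a constructed test value. It shows that a full dump of the merchant table yields tokens and last-four digits but no card numbers, while billing still works.

```python
import secrets
import sqlite3

TEST_PAN = "4111111111111111"  # constructed test number, not a real card

def luhn_ok(pan: str) -> bool:
    """Luhn checksum, so obvious typos are rejected before enrolment."""
    if not pan.isdigit() or not 12 <= len(pan) <= 19:
        return False
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

class TokenVault:
    """Hypothetical stand-in for the processor; this state lives on their side."""
    def __init__(self):
        self._cards = {}  # token -> card number

    def store(self, pan: str) -> str:
        if not luhn_ok(pan):
            raise ValueError("not a valid card number")
        token = secrets.token_urlsafe(16)  # random, not derived from the number
        self._cards[token] = pan
        return token

    def charge(self, token: str, cents: int) -> bool:
        return token in self._cards and cents > 0

def open_merchant_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")  # stands in for the merchant's database
    db.execute("CREATE TABLE customer_card ("
               "customer_id INTEGER PRIMARY KEY, token TEXT NOT NULL, last4 TEXT NOT NULL)")
    return db

def enroll(db, vault, customer_id: int, pan: str) -> str:
    token = vault.store(pan)  # number goes to the vault, never written locally
    db.execute("INSERT INTO customer_card VALUES (?, ?, ?)", (customer_id, token, pan[-4:]))
    return token

def bill(db, vault, customer_id: int, cents: int) -> bool:
    row = db.execute("SELECT token FROM customer_card WHERE customer_id = ?",
                     (customer_id,)).fetchone()
    return row is not None and vault.charge(row[0], cents)

def dump(db) -> str:
    """Everything someone with full read access to the merchant database would get."""
    return "\n".join(db.iterdump())
```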



Unless you are a payment processor, you don't really need to store any kind of CC information.

Review your requirements; there really are not many cases where you need to store CC information.

paan answered Oct 14 '22 20:10