[TriLUG] Storing Credit Card Numbers
Brent Verner
brent at rcfile.org
Tue Mar 15 17:31:51 EST 2005
[2005-03-15 18:01] Brian Henning said:
| Hi Guys,
| It's becoming inevitable that my employer is going to ask me to add
| the ability to store credit card numbers to a point-of-sale application
| I've been developing. I've been steadfastly refusing to do so thus far
| because I don't want the security responsibility for the data... But
| it's become clear that we really do need to be able to retrieve the data
| to do things like process RMA credits and whatnot.
|
| So my question is... What encryption scheme should I be studying? I
| really don't know a lot about encryption.. Here are the requirements I
| have for whatever method you folks suggest.
|
| - Easily integrated into the application as it is. Something that could
| live in a MySQL field or two would be optimal.
| - Reversable, obviously.
| - Reasonably secure against decryption by Bad Guys.
| - Reasonably easy to work with in Java.
I've done similar by storing in OpenPGP format using the crypto
bits from here:
http://www.bouncycastle.org/
b
More information about the TriLUG
mailing list