List:General Discussion« Previous MessageNext Message »
From:Aaron Cannon Date:March 10 2007 4:13pm
Subject:Re: MD5()
View as plain text  
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Before you implement anything, I would do a lot of research about
encryption.  No offense, but from your question, it is clear that you know
next to nothing about encryption.  That's fine.  A few years ago, I was the
exact same way.  However, encryption is somewhat complex, so if you're going
to do it, you should do it right.  In my opinion, poorly implemented
encryption can be worse than no encryption at all.

You should also think carefully before storing customers credit card
numbers.  You should seriously consider whether or not it is really
necessary to do so.  If it is simply for the purpose of rebilling, a lot of
credit card processing API's will handle this for you.

Finally, what another poster said is right on the money.  If you are in a
shared hosting environment, do not even think about handling customers
credit cards.  There are too many ways security can be compromised on such
systems.  If that is in fact the case, I would suggest you outsource the
customer billing.  Remember also that security breaches of this type can
seriously damage the reputation of any organization.

Aaron


- --
Skype: cannona
MSN/Windows Messenger: cannona@stripped (don't send email to the hotmail
address.)
- ----- Original Message -----
From: "Neil Tompkins" <neildtompkins@stripped>
To: <mysql@stripped>
Sent: Saturday, March 10, 2007 4:17 AM
Subject: MD5()


> I'm looking to use MD5() to encrypt credit card numbers.  How do I
> unencrypt this when reading the value ?
>
> Thanks,
> Neil
>
> _________________________________________________________________
> Get Hotmail, News, Sport and Entertainment from MSN on your mobile.
> http://www.msn.txt4content.com/
>
>
> --
> MySQL General Mailing List
> For list archives: http://lists.mysql.com/mysql
> To unsubscribe:
> http://lists.mysql.com/mysql?unsub=1
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32) - GPGrelay v0.959
Comment: Key available from all major key servers.

iD8DBQFF8tlUI7J99hVZuJcRA+kXAKDEB6EU0QzTrTZu72wPUe+43Pi2TwCeKTFw
UDnwBp4Wwt+/n4YAn6SPfl4=
=HRjm
-----END PGP SIGNATURE-----
Thread
MD5()Neil Tompkins10 Mar
  • Re: MD5()Ian P. Christian10 Mar
    • Re: MD5()Neil Tompkins10 Mar
      • Re: MD5()Ian P. Christian10 Mar
        • Re: MD5()Neil Tompkins10 Mar
          • Re: MD5()Ian P. Christian10 Mar
    • Re: MD5()Mogens Melander10 Mar
      • Re: MD5()Neil Tompkins10 Mar
  • Re: MD5()Aaron Cannon10 Mar