Forum OpenACS Q&A: Response to Encryption of data
I'd actually like to implement a system similar to what Philip Greenspun describes with a public and private key but in a slightly different way. (unless a credit card processor can or already has been convinced to implement the public/private key method of handling credit card numbers)
My idea would require a separate machine that contacts the credit card processor for a decision. A public and private key are generated and the public key is stored only on the web server, the private key only on the card processor server.
- The web server machine receives the order and stores the encrypted credit card number using our public key.
- The web server machine triggers the credit card processor machine to retrieve a decision
- The card processor machine decrypts the credit card number using the private key and makes the SSL connection or whatever secure means the credit card processor has set up and retrieves the decision, storing it in the database
The store we used to run a couple of years ago (discontinued for reasons completely unrelated to security) used to store the credit card numbers in plain text and depend on our wonderful security elsewhere to keep them safe.