Results 1 to 8 of 8

Thread: Storing Credit Card Information in Database

  1. #1
    Join Date
    Sep 2008

    Storing Credit Card Information in Database

    I've been reading alot about security issues and I have a concern about storing Credit Card information in a database and that it shouldn't be done.

    However, I am having a problem on what to do with an application I am creating for a client.

    The application will get user information, along with Credit Card info. The information will be stored in a database until an administrator reviews the input and accepts it. If it is accepted, the credit card will be charged.

    So how do I go about saving the credit card information if I don't store it in at least a temporary database until the other information is approved and reviewed? Once it is approved, it can be deleted from the database.

    How should I do this correctly? (Using PHP)

  2. #2
    Join Date
    Aug 2004
    I would strongly encourage you to find a solution that does not require that you store credit card data, as the consequences of mishandling it can be severe. One alternative might be to make it a 2-stage process for the user:

    1. They submit all their info except credit card info. The administrator reviews it and sets some database value for that submission if approved, which then also sends an email notification to the user with a link to the payment form.

    2. The user receives the email, clicks the confirmation link, and is taken to the final payment form. At this point he probably has to log in using the user/password values established in the initial form(s). User enters payment info, your script processes it through your selected payment gateway, and upon payment approval the account is completely approved.
    "Well done....Consciousness to sarcasm in five seconds!" ~ Terry Pratchett, Night Watch

    How to Ask Questions the Smart Way (not affiliated with this site, but well worth reading)

    My Blog
    cwrBlog: simple, no-database PHP blogging framework

  3. #3
    Join Date
    Mar 2005
    Sydney, Australia
    One of the requirements for storing credit card data on a database is that the database must be on a server behind a firewall where there is no internet access whatsoever to that server that would allow anything to be retrieved. You would nee dto have that set up in place and thoroughly tested before you even consider any of the other aspects of credit card processing.

    The only way around that one is to have the page with the SSL certificate that collects the credit card data post it directly to the third party service which provides the credit card processing for you.

  4. #4
    Join Date
    Jun 2006
    Down at the bottom of the garden
    Quote Originally Posted by felgall View Post
    One of the requirements for storing credit card data on a database is that the database must be on a server behind a firewall....
    Is this from a legal stand point, or just your recommendation?

    Why would you need a firewall on a computer with no internet access?
    Quote Originally Posted by temp.user123
    You know... You're not so smart. Do you need me to educate you?
    If you say, "please," (and do so, nicely) then I will show you where you're dead wrong.

  5. #5
    Join Date
    Aug 2008
    Quote Originally Posted by MrCoder View Post
    Is this from a legal stand point, or just your recommendation?

    Why would you need a firewall on a computer with no internet access?
    I believe that he meant computers from outside (aside from trusted computers) would not have access.

    There are all sorts of legal requirements for notification of users if there is any type of security breach involved. If you are running in a shared Linux environment, there is a much higher risk of a breach. Even if you have a dedicated server there are risks as well. It's best to trust the authorization to companies with high security than setting that same security up yourself.

    from http://www.computerworld.com/pdfs/PG..._Study_PDF.pdf
    Together, these surveys demonstrate the extreme cost consequence ($182 per record and an average of $4.8 million per incident based on an average of 26,300 records lost) of companies breaching the confidential data and underlying trust of their customers. With the single largest cost being customer turnover, the cost to brand and corporate reputation can be the most long-lasting effect.
    In spite of these consequences, new breaches are reported every week. Though security best practices dictate the use of preventative technical solutions, most companies have not yet put such protections in place.

    Do you have $182 to spend for every customer in your database in case of a breach?

  6. #6
    Join Date
    Aug 2006
    Quote Originally Posted by MrCoder View Post
    Is this from a legal stand point, or just your recommendation?
    Assuming everyone here's referring to the USA, the reference is the PCI (Payment Card Industry) DSS (Data Security Standard). If you go to https://www.pcisecuritystandards.org/ you can download the self-assessment questionnaire that applies to your particular environment (I think this particular case corresponds to environment type 5). If you look at questionnaire D, question 1.3, it discusses the network topology and separation, firewalls, DMZ which is required.

    By the way, it is NOT necessary to answer each of these questions with "YES". A "NO" answer must be explained, and can have appropriate compensating controls applied, and the scanning vendor may work with this compensating control, and the PCI approval may be given anyway if it's determined that your compensating controls are adequate.


  7. #7
    Join Date
    Apr 2007
    Nogdog's suggestion is a sensible consideration. However you might loose sales and clients don't like that.

    Another option is to process the credit card immediately using a 3rd party service like Worldpay and if approval fails, provide a refund. Problem is customers don't like that, but then who cares you just rejected them anyway, lol.

    The very fact that you're here asking this question lead me to think that you really really ought to consider very hard if you're out of your depth. If it all goes horribly wrong, someone will be held accountable and I'll bet you can guess where the buck stops. If you've accepted this contract as a sole trader it's you personally legally and financially and the punishment can carry a jail sentence. I would hope you've set yourself up as a limited liability company and employed yourself and have insurance. This kind of thing is really heavy duty. It would be better to lose a client then be held accountable for any failure.

    Are you hosting the service for your client? If so that's a whole other set of problems. You have to stay on top of security for both your scripts and hardware, and it's not something you leave to a shared hosting company. I don't think there are any companies that store CC detail that don't have their own servers in house. If anyone knows different let us know coz I don't want to use their services!
    Last edited by SyCo; 11-07-2008 at 06:08 PM.
    Anti Linux rants are usually the result of a lack of Linux experience, while anti Windows rants are usually a result of a lot of Windows experience.

  8. #8
    Join Date
    Aug 2007
    Leeds, Yorkshire, England
    I'd look at using a payment gateway - google it, there are a few and unless you've got loads of transactions a gateway is probably the best option.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
HTML5 Development Center



X vBulletin 4.2.2 Debug Information

  • Page Generation 0.12409 seconds
  • Memory Usage 2,920KB
  • Queries Executed 13 (?)
More Information
Template Usage (33):
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_global_above_footer
  • (1)ad_global_below_navbar
  • (1)ad_global_header1
  • (1)ad_global_header2
  • (1)ad_navbar_below
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)ad_thread_first_post_content
  • (1)ad_thread_last_post_content
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)headinclude_bottom
  • (8)memberaction_dropdown
  • (1)navbar
  • (4)navbar_link
  • (1)navbar_moderation
  • (1)navbar_noticebit
  • (1)navbar_tabs
  • (2)option
  • (8)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available (6):
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files (26):
  • ./showthread.php
  • ./global.php
  • ./includes/class_bootstrap.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/functions_navigation.php
  • ./includes/class_friendly_url.php
  • ./includes/class_hook.php
  • ./includes/class_bootstrap_framework.php
  • ./vb/vb.php
  • ./vb/phrase.php
  • ./includes/functions_facebook.php
  • ./includes/functions_calendar.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_notice.php
  • ./packages/vbattach/attach.php
  • ./vb/types.php
  • ./vb/cache.php
  • ./vb/cache/db.php
  • ./vb/cache/observer/db.php
  • ./vb/cache/observer.php 

Hooks Called (70):
  • init_startup
  • friendlyurl_resolve_class
  • init_startup_session_setup_start
  • database_pre_fetch_array
  • database_post_fetch_array
  • init_startup_session_setup_complete
  • global_bootstrap_init_start
  • global_bootstrap_init_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • load_show_variables
  • load_forum_show_variables
  • global_state_check
  • global_bootstrap_complete
  • global_start
  • style_fetch
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • strip_bbcode
  • friendlyurl_clean_fragment
  • friendlyurl_geturl
  • forumjump
  • cache_templates
  • cache_templates_process
  • template_register_var
  • template_render_output
  • fetch_template_start
  • fetch_template_complete
  • parse_templates
  • fetch_musername
  • notices_check_start
  • notices_noticebit
  • process_templates_complete
  • friendlyurl_redirect_canonical
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • memberaction_dropdown
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • build_navigation_data
  • build_navigation_array
  • check_navigation_permission
  • process_navigation_links_start
  • process_navigation_links_complete
  • set_navigation_menu_element
  • build_navigation_menudata
  • build_navigation_listdata
  • build_navigation_list
  • set_navigation_tab_main
  • set_navigation_tab_fallback
  • navigation_tab_complete
  • fb_like_button
  • showthread_complete
  • page_templates