Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Anyone want a really quick little earner

Options
2»

Comments

  • Options
    #32
    p
    Registered Users Posts: 2,119 ✭✭✭p


    Originally posted by Webmonkey
    oh god i would never trust client side encryption. Easily hacked. But then again maybe i'm wrong in the way i'm understanding it

    Didn't you just suggest a client side solution earlier on in the thread? ...

    Yeah thats true. Why don't u just use a form to transfer the data onto a file/database on the same server. The data won't leave the server.

    Getting stuff from the form » server, means it's going from the client » server.

    - Kevin


  • Options
    #33
    misterq
    Closed Accounts Posts: 382 ✭✭misterq


    I think the consensus is that for the shopper to enter the credit card details securely online, they will need to be connected to a secure server.
    This will encrypt any communications between the shopper and the server, so nobody else can see the credit card numbers.
    It's done by 1,000's of sites across the world, it is industry standard and an absolute must in my opinion.

    Ok, so now the shopper has sent the details to the web server.
    Our next objective is to communicate the card number to the seller.
    We can normally do this in either of two ways:
    1) Send the information to the seller as an email
    or
    2) Store the CC information on the server and notify the seller to collect it from the server

    1) Sending as Email
    Most Linux servers have PGP installed which can encrypt the email before sending and thus the data will be secure while being sent across the Internet.

    If you don't have PGP, you could try another encryption method, but I don't know of any Javascript, ASP or PHP encryption methods that are proven to be secure.

    2) Store on Server
    The details are written to a database or file and the seller is informed by email to connect up (via SSL) to retrieve the info.
    If you go this way, you had better encrypt the CC details while on the server! It would also be a very good idea to remove them once viewed.
    I haven't used this method myself as I believe there are more potential security risks and more work involved.

    Hope this is helpful.

    Ronan


  • Options
    #34
    Webmonkey
    Registered Users Posts: 9,579 ✭✭✭Webmonkey


    Originally posted by p
    Didn't you just suggest a client side solution earlier on in the thread? ...

    am no, I suggested Md5 which is PHP which hmm let me think is server side? But i know i wasn't thinking right but if you read again u'll see that i didn't say anything bout client side encryption.

    Originally posted by p
    Getting stuff from the form » server, means it's going from the client » server.

    Doesn't everything. Maybe i was thinking another way yet again.


Advertisement