#1
Credit Card Question
Hi - I'm looking for a bit of advice with an e-commerce problem.
Ok, suppose the user has gone to a checkout on a site. All the order details are done, they just type in some credit card details. Once they click Submit - they should get an order confirmation and go back to the home page or something similar. My question is what to do with the CC details. If the person already has CC processing equipment then they are not going to want to pay for some "Secure Process Service". Is it ok to send the order / CC details by encrypted email? I wouldn't have thought storing them on a db would be wise. Any suggestions? Thanks
#2
Well, if they already have a merchant account with a bank you may find the bank can provide them with a cheap online payment solution that links into their existing account.
Encrypted emails are one way of doing things, the other way would be to PGP them and save the encrypted version in the DB (GnuPG http://www.gnupg.org/). Then open a page that displays them and decrypt them using the private key. That would be the most secure method.
#3
Andreas, maybe I'm misunderstanding what you are saying here
Quote:
but this would mean the private key would have to be on the server, which isn't secure.
#4
Sorry, I meant display them encrypted and then copy and paste them into a program to decrypt them, with the private key on your machine.
#5
Thanks for the reply -
Well, I'll read up on the GnuPG process. It does seem like a good idea. Personally I don't like the idea of sending personal information by email but I don't really know the security risks - if it was encrypted. Someone I know said that they stored the order information (and CC info) on a separate db. They logged into an admin section, got the info + processed the order, deleted the info, logged out. The GnuPG system sounds pretty similar except that the info is encrypted whilst being held on the db. I suppose if you are confident in your db / login authentication routine, there is not too much to worry about. It's just IF someone did get into the db, they would have the unprocessed CC complete with address etc... Potential for being risky.
#6
Yeah, just having a secure site is not much, you really need to have confidence that even if someone breaks in there is nothing they can do. With CC numbers you need to be sure.
#7
With most of our hotel sites which have secure booking facilities we just encrypt the form data and send it out by e-mail for them to decrypt. At least that way the most likely place for credit card theft is at the hotel, but the risk is spread far wider than if we had everything in a database.
As for security at the hotels, well, erm, make sure your credit card doesn't have a very high limit. :-) Trev - who's seen it all!
#8
Can you expand on the encrypted email method?
So your final CC form is over SSL (of course) - then the submit button puts the info into a sendmail program. So I assume you need a private / public key system to encrypt / decrypt the data going in and out of the email. Cheers
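
The flow discussed in posts #4 and #8 (the web server encrypts with a public key, the merchant decrypts on their own machine), as an added example that is not part of the thread. It uses Node.js's built-in `crypto` module with RSA-OAEP wrapping a per-order AES-256-GCM key rather than GnuPG; the function names, envelope fields and sample order are assumptions.

```javascript
// Added example (not from the thread). Names and envelope layout are assumptions.
const nodeCrypto = require("crypto");

// Constructed demo key pair. In the flow discussed above the merchant generates
// it on their own machine; only publicKey is ever copied to the web server.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync("rsa", {
  modulusLength: 2048,
});
const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Web server side: runs after the SSL form post and needs only the public key.
function encryptForMerchant(merchantPublicKey, formData) {
  const aesKey = nodeCrypto.randomBytes(32); // fresh symmetric key per order
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", aesKey, iv);
  const body = Buffer.concat([
    cipher.update(JSON.stringify(formData), "utf8"),
    cipher.final(),
  ]);
  const wrappedKey = nodeCrypto.publicEncrypt({ key: merchantPublicKey, ...OAEP }, aesKey);
  // Text envelope that can be mailed or stored; it contains no plaintext.
  return JSON.stringify({
    wrappedKey: wrappedKey.toString("base64"),
    iv: iv.toString("base64"),
    tag: cipher.getAuthTag().toString("base64"),
    body: body.toString("base64"),
  });
}

// Merchant side: runs on the machine that holds the private key.
function decryptAtMerchant(merchantPrivateKey, envelopeText) {
  const env = JSON.parse(envelopeText);
  const aesKey = nodeCrypto.privateDecrypt(
    { key: merchantPrivateKey, ...OAEP },
    Buffer.from(env.wrappedKey, "base64")
  );
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", aesKey, Buffer.from(env.iv, "base64"));
  decipher.setAuthTag(Buffer.from(env.tag, "base64"));
  // final() throws if the envelope was altered in transit or in storage.
  const plain = Buffer.concat([
    decipher.update(Buffer.from(env.body, "base64")),
    decipher.final(),
  ]);
  return JSON.parse(plain.toString("utf8"));
}

// Constructed sample order (a well-known test card number, not real data).
const demoOrder = { orderId: "A-1001", card: "4111111111111111", expiry: "12/30" };
const demoEnvelope = encryptForMerchant(publicKey, demoOrder);
console.log(decryptAtMerchant(privateKey, demoEnvelope).orderId);
```

Because the server never holds the private key, a copy of the envelope taken from the mail spool or the database cannot be decrypted there.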