securely sending credit card details over the internet

davetherave2 · 28 Oct 2007 at 13:08

Hi Guys just after some advice.

I am currently working on a project to secure the credit card information held within our company.

I have implemented the first stage by placing all the information in an encrypted database using certificates and an asseymetric key. Now this information needs to be sent over to our clients in a secure manner so what is the best way?

I was thinking the best way was to use a link that is emailed to the client that opens a https webpage with the various id's to identify only the card details they need. would this be seecure enough or is there another way/ better way of doing it?

thanks in advance for any advice.

Butters · 28 Oct 2007 at 14:37

have a look at PGP, GnuPG and winPT.

These do everything you want. Basically you have PGP and your client has PGP. You both have encrypted keys which only you know.

You send the encrypted file, they decrypt it, bobs your uncle.

davetherave2 · 29 Oct 2007 at 08:08

I take it these soluitons require the software being installed on our systems as well as the clients?

If this is the case then this may be difficult to push to our clients.

Currently the details are faxed over so we need something that is simple to use but secure.

Butters · 29 Oct 2007 at 09:52

Yeah, but overheads a tiny

GPG is a command line tool only, but with winPT stuck on its a simple to use GUI and is amazingly secure. 2048 or even 4096 bit encryption which is nothing to be sniffed at especially for secure data.

However, I understand your needs.

What about using php md5 encryption?