[Date Prev][Date Next][Thread Prev][Thread Next] [Search] [Date Index] [Thread Index]

[MacPerl] Safely Storing a Credit Card Number using Perl? - off topic



I was hoping that someone in the group might be able to provide some insight
into this problem.  I will shortly be deploying a Perl based e-commerce web
based solution, whereby credit cards will be used to pay for products.  My
purchase app runs on a shared server environment (ie; multiple web sites &
developers, sharing same server).

Given that Perl is source code readable, and that anyone on the server could
theoretically copy & read my programs, how does a Perl programmer securely
encode/encrypt a sensitive field so that others can't decode/un-encrypt the
sensitive field?

Or is this simply not doable using an interpreted language in a shared
environment?  Must I 'call' a compiled (binary) 'c' program to do the
encryption, where parameter one is the plaintext field to be encrypted?
(and yes, I know that an 'expert' so inclined and having the right 'tools',
could probably de-compile the binary program to learn how the file was
encrypted - but I think this is very unlikely to occur).

Those so inclined, please email me personally, so as to not clutter up the
list <mailto: greg@tradesvc.com>


***** Want to unsubscribe from this list?
***** Send mail with body "unsubscribe" to mac-perl-request@iis.ee.ethz.ch