| Subject | Re: [firebird-support] Field level encryption with UDF? |
|---|---|
| Author | Daniel Rail |
| Post date | 2009-05-05T18:04:50Z |
Hi,
At Tuesday, May 05, 2009, 12:16 PM, Myles Wakeham wrote:
We only store the last 4 digits in our application(no expiry date and
no CVV2 are stored). And, we don't have to encrypt the data, because
it would be more of a guessing game to find the remaining 12 digits to
reconstruct the card's number.
--
Best regards,
Daniel Rail
Senior Software Developer
ACCRA Solutions Inc. (www.accra.ca)
ACCRA Med Software Inc. (www.filopto.com)
At Tuesday, May 05, 2009, 12:16 PM, Myles Wakeham wrote:
> I have a Firebird 1.5 database that has a table for storing credit cardWhy do you need to store the whole credit card numbers?
> numbers. In accordance with PCI compliance on credit card handling
> regulations, I need to restrict access to this information on a
> 'business need to know' basis. I can do most of that with user level
> security, etc.
We only store the last 4 digits in our application(no expiry date and
no CVV2 are stored). And, we don't have to encrypt the data, because
it would be more of a guessing game to find the remaining 12 digits to
reconstruct the card's number.
--
Best regards,
Daniel Rail
Senior Software Developer
ACCRA Solutions Inc. (www.accra.ca)
ACCRA Med Software Inc. (www.filopto.com)