Announcement

Collapse
No announcement yet.

Credit card info and security q's

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Credit card info and security q's

    Hi, could any please help me with my query regarding credit card transactions please,

    1.Describe the encryption which will be used for all transactions containing card information whilst being transmitted over the internet.

    2. Describe the network partitioning and the firewall technology, which will be used to protect the site.


    Kind Regards

    #2
    Hi Saleem

    These are the standard questions asked when setting up a merchant account.
    1.Describe the encryption which will be used for all transactions containing card information whilst being transmitted over the internet.
    The main encryption processes used are called Diffie-Hellman key exchange and SAFER block cypher. If you are using SSL this encryption takes place on the server, or if you are using the Actinic inbuilt java applet the data is encrypted in the buyer's browser. With both methods, the order is only decrypted once downloaded on the merchants PC. If you are using a PSP, the security procedures are carried out by them.
    2. Describe the network partitioning and the firewall technology, which will be used to protect the site.
    You will have to speak to your web host about their security and I would recommend installing a firewall on your PC to protect the data stored there.

    Ben
    Ben Popplestone
    Ecommerce website software

    Comment


      #3
      Thankyou Ben, your information is very helpful.

      regards

      Comment


        #4
        SSL (lack of) security

        It seems to me from the response above, that when using SSL to do the encryption, some unencryped card details will be sent from PC to the ssl server. Is there a security risk here? - please advise!

        andy
        Andy Warner

        www.legendgames.co.uk - rpgs, boardgames, dice and other geeky stuff
        www.RPGMiniatures.com D&D and Star Wars Miniatures

        Both running the Cart from Search Page hack

        Also www.mainlymurder.co.uk www.thegamesplace.co.uk and www.thediceplace.co.uk

        All running V8.5.2 Multisite on a windows 7 quad PC, augmented by Mole End automation, from a single shared database, using actinic specific hosting from Host-IT.

        Comment


          #5
          Is there a security risk here?
          No - the SSL technology secures the data from the buyers browser to the web server, then Actinic uses perl script to encrypt the data on the server until it is downloaded on the merchant's PC.
          Ben Popplestone
          Ecommerce website software

          Comment

          Working...
          X