A database that stores lots of charge card details are an unavoidable area of the system we now have just completed. Things I want though is ultimate security from the card amounts whereby we setup a mechanism to secure and decrypt but of ourselves cannot decrypt a number.

Things I am after is a method to secure these details even lower in the database level so no-one can use and convey personal files of card amounts. How have others overcome this problem? What's the 'Standard' method of this?

For use of the information well the hyperlinks are private and secure with no transmission from the card number is carried out except whenever a record is produced which is encoded so I'm not concerned about the front-end only the back finish.


Well the database is ORACLE and so i have PL/SQL and Java to experience with.

There is no shortage of processors prepared to store your CC info and exchange it for any token with which you'll bill from the saved number. That will get you out of trouble of PCI compliance, but nonetheless enables when needed billing. Based on why you have to keep CC, that might be a much better alternative.

A lot of companies label this something similar to "Customer Profile Management", and therefore are really pretty reasonable on costs.

A couple of companies I understand of (in no particular order):

Unless of course you're a payment processor you do not really should store any type of CC information.

Take a look at needs, there is really very few cases when you have to store CC information

Don't keep charge card amounts, store a hash rather. When you really need to ensure if your new number matches a saved number, have a hash from the new number and compare it towards the saved hash. When they match, the amount is (theoretically) exactly the same.

Alternatively, you can secure the information through getting the consumer who makes its way into the credit card number to go in a pass phrase you'd make use of this being an file encryption/decryption key.

However, anybody with use of your database and sourcecode (ie. both you and your team) will discover it trivial to decrypt that data (ie. customize the live code to ensure that it emails any decryption secrets joined to some disposable Hotmail account, etc).

If you're storing the charge card information because you wouldn't want the consumer to need to re-come in then hashing associated with a form is not likely to help.

When must you act around the charge card number?

You can keep charge card amounts inside a safer database, as well as in the primary db just store enough information to exhibit towards the user, along with a mention of the the credit card. The after sales system could be a lot more locked lower and employ the particular charge card info only for order processing. You can secure these amounts by some master password if you want, however the password would need to be known through the code that must obtain the amounts.

Yes, you've only moved the issue around somewhat, but many of security is much more about lowering the attack footprint instead of getting rid of it. If you wish to avoid it then don't keep charge card number anywhere!

If you are using Oracle you may be thinking about Transparent Data File encryption. Only accessible by having an Enterprise license though.

Oracle also offers utilities for file encryption - decryption, for instance the DBMS_OBFUSCATION_TOOLKIT.

For "Standards", the correct standard you are looking at may be the PCI DSS standard which describes which measures have to be come to safeguard sensitive charge card information.

It might be useful to understand the DB server and language/platform types therefore we might get more specific, however i could be considering SHA.