Support Center » Knowledgebase » E-Commerce » Storing Customer's Credit Card in a Database

Storing Customer's Credit Card in a Database

In general, it is not safe to store sensitive information such as credit card details in your database, especially if you have the login details to your database stored in a php script. Your PHP scripts can be read by other people having an account on the same server as yours. Perl and Windows users are fairly safe in regards to this.

Even if you store the login information to your database securely, you still need to perform a secure encryption when storing credit card data. Symmetric encryption / decryption methods will not be secure because people can still easily get your encryption/decryption key.

The safest way is to pass on the credit card details to be handled by the payment processor or the bank so that you never see the customer's card details. This way there is no risk involved in doing online transactions on your part.

Article Details
Article ID: 41
Created On: 30 Aug 2003 05:00 AM
 Login [Lost Password] 
Remember Me:
Please note that the login and password to the support area is NOT the same as your hosting control panel login and password
 Article Options
Home | Register | Submit a Ticket | Knowledgebase | Downloads | Control Panel User's Guide | Server Status