Encrypting credit card data
George Simon
george at flowersoftusa.com
Mon Jun 15 04:28:38 PDT 2009
Because I'm running 5.0.14. Although I'm sure is very good, I don't know if
it would be an "accepted" encryption algorithm.
Here is what I've found on the subject.
The PCI-CISP rules require that you use "strong encryption" and reference
Triple DES and 256-bit AES encryption as examples. The term "strong
encryption" is not defined and is therefore somewhat vague. There are
several encryption algorithms that could be considered as "strong
encryption." The inclusion of Triple DES and 256-bit AES is probably not an
accident - these encryption algorithms are the only ones accepted by the
National Institute of Standards and Technology for federal use.
From: Ken Cole [mailto:ken.m.cole at gmail.com]
Sent: Monday, June 15, 2009 12:25 AM
To: George Simon
Cc: filePro Mailing List
Subject: Re: Encrypting credit card data
George,
Why aren't you using the encrupt/decrypt commands in filePro?
Ken
On Mon, Jun 15, 2009 at 12:59 PM, George Simon <george at flowersoftusa.com>
wrote:
Does anyone know of a recognized encrypting program that can run from within
a filePro application?
Basically, I need to encrypt the credit card number, store it in a filePro
database, along with the customer's account number (not encrypted) and then
be able to decrypt it once it is needed again.
I've been doing my own "encryption" by basically re-arranging the middle
numbers of the credit card. However, that is not good enough for
Visa/Mastercard.
Thanks
George Simon
_______________________________________________
Filepro-list mailing list
Filepro-list at lists.celestial.com
http://mailman.celestial.com/mailman/listinfo/filepro-list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.celestial.com/pipermail/filepro-list/attachments/20090615/b0cf6108/attachment.html
More information about the Filepro-list
mailing list