Encrypting credit card data
Kenneth Brody
kenbrody at spamcop.net
Wed Jun 17 05:22:56 PDT 2009
This never showed up here, so I'm sending it again...
-------- Original Message --------
Subject: Re: Encrypting credit card data
Date: Mon, 15 Jun 2009 09:41:59 -0400
From: Kenneth Brody <kenbrody at spamcop.net>
[...]
George Simon wrote:
> Because I'm running 5.0.14. Although I'm sure is very good, I don't know if
> it would be an "accepted" encryption algorithm.
filePro's encryption methods include:
blowfish
twofish
safer+
rc2
rc5
rc6
aes
rijndael
des
3des
> Here is what I've found on the subject.
> The PCI-CISP rules require that you use "strong encryption" and reference
> Triple DES and 256-bit AES encryption as examples. The term "strong
> encryption" is not defined and is therefore somewhat vague. There are
> several encryption algorithms that could be considered as "strong
> encryption." The inclusion of Triple DES and 256-bit AES is probably not an
> accident - these encryption algorithms are the only ones accepted by the
> National Institute of Standards and Technology for federal use.
--
Kenneth Brody
More information about the Filepro-list
mailing list