02-14-2005, 12:54 PM   #7
technobard
Centurion Nova Prime
Join Date: May 2002
Location: Oak Park, IL (USA)
Posts: 285
I hate to use the phrase, but for the encryption side, one idea is to use "web services", or something like it. On a server behind your firewall, pass the cc#, account#, etc. via a SOAP call (or something less complicated) to a service whose only function is to encrypt the data and insert/update the record in a separate database. The key would be safely away from the webserver, the cc# would be stored separately from the customer name, address, etc., and the info would still get encrypted in real time. If someone gained access to the webserver and wanted to be malicious, they could figure out what data your service needed and "update" all of your customers' cc info. You could come up with any number of safeguards to limit the damage, but I would suggest using an effective date range for your cc record. When a new update comes in, expire the old record by changing a date field, move the old record to an archive table, and insert the new record.

For monthly processing, you could either decrypt in a script as you mentioned, or set up a decryption service. This is basically Belisarius' black box idea stated a different way.

Just my two cents.
__________________
It takes 2 points to draw a straight line, but at least 3 points to draw a conclusion.