by jamesaguilar 4713 days ago
Couldn't you also do something like this? Store each user's key, transformed in such a way that you could get it back only if you have the password. Serve the key to the user's session on login (maybe -- depending on how long you store the session, you may want to require password reentry to initiate any charges). Encrypt all sensitive data with the user's key, such that only that logged in user can read it back.

The major drawback would be the same as the benefit. Since you can't know your users' CC numbers, you also can't make recurring charges.

Pipe-dream solution to that -- you should be able to get a token from your payment provider that authorizes you and only you to charge the CC. Should that token leak, you barely even need to revoke it. It can't be used by anyone else, because you need both the token and your company's api secret to charge anything, and even then, all they can do is send (easily refundable) money to your account.
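The key-wrapping scheme described in the comment above, sketched as an added example that is not part of the original thread: a random per-user data key is stored only in a form wrapped under a key derived from the password. The function names, the choice of scrypt (Node's default cost parameters) and AES-256-GCM, and the record layout are assumptions made for illustration.

```javascript
// Added example: per-user data key, recoverable only with the user's password.
const nodeCrypto = require('node:crypto');

// AES-256-GCM; blob layout is iv(12) || tag(16) || ciphertext.
function seal(key, plaintext, aad) {
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  c.setAAD(aad); // binds the blob to one user so it cannot be moved to another row
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}

function unseal(key, blob, aad) {
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAAD(aad);
  d.setAuthTag(blob.subarray(12, 28));
  // final() throws if the key is wrong or the blob was modified
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Password -> key-encryption key (assumption: scrypt with Node's default costs).
function deriveKek(password, salt) {
  return nodeCrypto.scryptSync(password, salt, 32);
}

// Signup: the server stores `record`; the raw data key is never persisted.
function enroll(userId, password) {
  const salt = nodeCrypto.randomBytes(16);
  const dataKey = nodeCrypto.randomBytes(32);
  const wrappedKey = seal(deriveKek(password, salt), dataKey, Buffer.from(userId));
  return { record: { userId, salt, wrappedKey }, dataKey };
}

// Login: returns the data key for the session, or null on a wrong password.
function unlock(record, password) {
  try {
    return unseal(deriveKek(password, record.salt), record.wrappedKey,
                  Buffer.from(record.userId));
  } catch {
    return null;
  }
}

// Password change re-wraps the same data key; stored data is not re-encrypted.
function changePassword(record, oldPassword, newPassword) {
  const dataKey = unlock(record, oldPassword);
  if (!dataKey) return null;
  const salt = nodeCrypto.randomBytes(16);
  const wrappedKey = seal(deriveKek(newPassword, salt), dataKey, Buffer.from(record.userId));
  return { userId: record.userId, salt, wrappedKey };
}
```

Sensitive fields are then stored as `seal(dataKey, field, Buffer.from(userId))`. A forgotten password makes the data key unrecoverable under this design unless a separate recovery wrap is kept.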

1 comment

Even better - how about simply doing a form of OAuth with the service provider? A token would be authorized for recurring billing or anything else. I think Verified By Visa is an example of something like that...

If such a provider could also SMS you on your chosen # to confirm the purchase then the system would be secure!