Author: Roger Munford Date: To: hampshire Subject: [Hampshire] Handling credit card details securely
I would like to put the following scenario past you for comment because
I do not want to inadvertently create risks.
I have been doing some work for a company who deliver fresh food on a
weekly basis. They use a payment gateway for credit card payments from
a desktop system strictly non web. To avoid holding the credit card
details on the desktop the credit card details are taken by phone and
are sent immediately to the payment gateway via a small application that
they supply. In return we get back a token that we can use whenever a
payment is required. Below the surface the application is a SOAP client
talking to a SOAP server.
The company would like to take credit card details along with name and
address etc from their hosted website when a new customer registers. The
hosted website uses the LAMP stack the P being PHP.
I have written some PHP code to receive the customer details. The credit
card details are sent off to the payment gateway via SOAP and a token
returned. The token and the rest of the customer details are stored in a
MySQL table until they are downloaded into the desktop during office hours.
The credit card data comes from a POST form vis https and is then
forwarded to the payment https server using SOAP. The far less sensitive
token is returned and stored in the database. It appears that the credit
card information is only available during the lifetime of the process.
It all works fine and was the suggestion of the payment people. The bank
has given it the nod.(That is not a technical approval, just "that'll
cost more")
Are there any glaring vulnerabilities in this scenario?.
