You are here: Visa Encryption with Sql Server « MsSQL Server « IT news, forums, messages
Visa Encryption with Sql Server

Posted by dmalhotr2001 on 01/10/07 02:53

I was wondering whether anyone ever dealt with encryption that are visa
compliant with credit card numbers:

On 3.4 of this document
(http://usa.visa.com/download/business/accepting_visa/ops_risk_management/cisp_PCI_Data_Security_Standard.pdf)


It states the encryption:

One-way hashes (hashed indexes), such as SHA-1

- Truncation

- Index tokens and PADs, with the PADs being securely stored

- Strong cryptography, such as Triple-DES 128-bit or AES 256-bit with
associated key
management processes and procedures


1. One way hashes cannot be decrypted so this won't work

2. Triple DES works however we will need to encrypt SSN. Triple DES
doesn't encrypt 2 values the same way, so we cannot use it as an
index key that we wanted to. The decrypted value comes out the same
however the encrypted values are always different. We can't do table
scans for a SSN look up.

3. Truncation - I have no idea

4. Index token or PAD seems like one way encryption and never can be
decrypted (not sure what this is for if it can't be decrypted)


So how do I get this to work?? It doesn't say RSA is compliant either.
If you think RSA is okay, where does it EXPLICITLY say that on this
document???

:D

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация