Posted by Paul Furman on 03/02/07 02:23
Thanks for the comments but I've solved it in a pretty simple way.
Interesting read though.
Here's my reply to 'C.' above:
I got it working (test mode so far) and really all it does is gather the
response code. The user & shopping cart info is already stored in
cookies so the script knows whose cart to confirm. I think I'm alright,
that's why I'm letting the CC server handle all the sensitive info. If
someone could hack into my system's login, they could get names &
addresses but not credit card numbers. Worst case is maybe they screw up
our inventory numbers but there's no money to be had on our server.
Well, I need to look at the fingerprint hash script, theoretically that
stuff could be used to hack the CC server. They suggest setting
permissions on the password data file to only respond to my script
though I'm not sure how to do that.
Gordon Burditt wrote:
> It also wouldn't be a bad idea that the page used by the payment
> processor to POST to is restricted to a very small number of IP
> addresses owned by the payment processor (e.g. Apache .htaccess).
> Ask the payment processor about this.
Ah this makes sense, something I'm familiar with... perhaps that's a way
to protect the password data file. The CC setup is pretty secure though,
they don't require us to encrypt or protect that, it is sent as a binary
hash thing (not sure how that works exactly):
(bin2hex (mhash(MHASH_MD5, $data, $key)))
etc.
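
Added example, not part of the original post or of any payment processor's code: with a key argument, mhash(MHASH_MD5, $data, $key) returns an HMAC-MD5, which hash_hmac() also produces, and the sketch below pairs that with a permission check on the key file. Assumptions: a POSIX host where the PHP process owns the key file, and a constructed key, field layout and function names.

```php
<?php
// Added example. load_key(), fingerprint() and fingerprint_matches() are
// hypothetical names; the key and the "^"-separated data are constructed.

// Read the shared key, refusing a file that group or other users can access.
function load_key(string $path): string
{
    clearstatcache(true, $path);
    $perms = fileperms($path);
    if ($perms === false) {
        throw new RuntimeException('cannot stat key file');
    }
    if (($perms & 0077) !== 0) {
        throw new RuntimeException(
            sprintf('key file mode %04o is too open, expected 0600', $perms & 0777)
        );
    }
    $key = file_get_contents($path);
    if ($key === false || trim($key) === '') {
        throw new RuntimeException('key file is unreadable or empty');
    }
    return trim($key);
}

// Same value as bin2hex(mhash(MHASH_MD5, $data, $key)): a keyed HMAC-MD5.
function fingerprint(string $data, string $key): string
{
    return hash_hmac('md5', $data, $key);
}

// Constant-time comparison of a received fingerprint with the expected one.
function fingerprint_matches(string $data, string $key, string $received): bool
{
    return hash_equals(fingerprint($data, $key), strtolower($received));
}

// Constructed demo: temporary key file, owner-only permissions.
$path = tempnam(sys_get_temp_dir(), 'cckey');
file_put_contents($path, "constructed-demo-key\n");
chmod($path, 0600);
$key  = load_key($path);
$data = 'merchant123^1001^1172802180^19.99^';   // constructed field layout
$fp   = fingerprint($data, $key);
var_dump(fingerprint_matches($data, $key, $fp));                                // unchanged data
var_dump(fingerprint_matches('merchant123^1001^1172802180^0.01^', $key, $fp)); // altered amount
chmod($path, 0644);                             // loosen the mode on purpose
try { load_key($path); } catch (RuntimeException $e) { echo $e->getMessage(), "\n"; }
unlink($path);
```

Keeping the key file outside the web root, in addition to the owner-only mode, means it cannot be requested over HTTP at all.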