Suggestion for Making Credit Cards more Secure

greenspun.com : LUSENET : S-Mart Shopping Cart : One Thread

I've seen a lot of people expressing an interest in making the credit card information more secure. Since the credit card numbers currently are sent through e-mail they are really not secure. Here's what seems like a very easy way to encrypt the numbers so that they don't appear correctly. Take the users credit card number and mutliple, or divide, or add, or any number of mathematical things to the number. Lets say the credit card number is 1234. You might choose a formula where s-mart doubles the number and subtracts 100. That would make the number 1234x2=2468 minus the 100 would be 2368. That way when a user types in their number 1234 it would show up in the e-mail as 2368. You would then know to add 100 to the number and divide it by 2 to get the real number.

It's not a perfect system but would however make the number that comes through not be valid at all unless you know the decoding method. I'm going to try to play with the script and see if I can make it work. If anyone has any ideas how to do this easily please drop me a line.

Thanks!

-BP

-- BP (bppilot@aol.com), September 08, 1998

Answers

Hi,

Another way would be to change the one input cc box to four boxes each with there own number. Example "cardnumber1=" "cardnumber2=" "cardnumber3=" "cardnumber4=" and change "size=4 maxlength=4" then scramble the order they print in the e-mail so when you recieve them only you know the correct order. If you feel this is not enough you can add the above suggestion to make it more secure and we all know making your customers feeling secure on line turns into money in your pocket.

Jim

-- James L. Farmer (jim@team-blankets.com), June 08, 1999.


The other thing you can do is in the code for the credit card number field include the following exclude="1". When this value is set to 1 the script does not send the field in the email.

eg:

-- Kevin (keving@businesswebworks.com), August 02, 1999.


That didn't work very well, one more time:

The other thing you can do is in the code for the credit card number field include the following exclude="1". When this value is set to 1 the script does not send the field in the email.

""

-- Kevin (keving@businesswebworks.com), August 02, 1999.


That didn't work very well, one more time:

The other thing you can do is in the code for the credit card number field include the following exclude="1". When this value is set to 1 the script does not send the field in the email.

"input name="cardnumber" size="20" exclude="1" (<> were left off each end to be able to display properly)

-- Kevin (keving@businesswebworks.com), August 02, 1999.


Moderation questions? read the FAQ