Security Practices when Dealing with Money
Suppose I wanted to build a website that deals with and facilitates monetary transactions. Examples include the website for a bank, WePay/PayPal, or some kind of trading exchange like MtGox (they deal in bitcoins and were recently hacked).
What are the necessary security requirements that must be met? The basics are obvious: never trust user input, purchase an SSL certificate and run traffic through HTTPS, and store only password hashes using an algorithm like bcrypt.
However, for something as daunting as dealing with money, I feel like there must be a whole host of additional practices I'm oblivious to. Can someone fill me in?
I guess it depends on how hands-on you are with the transactions. If you intend to do ANY processing of card holder data on your servers, you will need PCI compliance (at least here in the UK and in the US); the level of PCI compliance will vary depending on the number of transactions and how you intend to process your data.
Read more at https://www.pcisecuritystandards.org/
Without knowing more about what data/how you intend to use it it would be hard to give any more detail.
Conversely, if you just want to have the facility to take money and are happy to use a 'hosted' solution, you won't need anything more than an SSL certificate.
Usually, the security properties you're trying to preserve in a financial system are
- Conservation of currency.
- Only authorized access to money.
- Privacy of account info.
The OCAP mint example describes several useful security properties financial systems are often concerned with:
- Only someone with the mint of a given currency can violate conservation of that currency.
- The mint can only inflate its own currency.
- No one can affect the balance of a purse they don't have.
- With two purses of the same currency, one can transfer money between them.
- Balances are always non-negative integers.
- A reported successful deposit can be trusted as much as one trusts the purse one is depositing into.
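The mint/purse design described in that list, as an added example written for this page in JavaScript (it is not code from the original post, nor from the E/ocap sources the answer refers to). The names makeMint, makePurse, deposit and getBalance follow the classic ocap mint example; the balances are kept in a private ledger closed over by the mint, so the only way to affect a purse's balance is to hold a reference to that purse, and the only way to create money is to hold the mint. The amounts are non-negative integers, matching the property above; the scenario in demonstrateInvariants is constructed for illustration.

```javascript
'use strict';

// Creates a mint for one currency. Whoever holds the returned object can
// create purses with arbitrary balances (inflate this currency); nobody else can.
function makeMint() {
  // Private ledger: purse object -> balance. Only code inside this closure can
  // read or write it, so holding a purse is the only capability that touches
  // that purse's balance, and purses of other mints are simply absent here.
  const ledger = new WeakMap();

  const makePurse = (initialBalance) => {
    if (!Number.isInteger(initialBalance) || initialBalance < 0) {
      throw new RangeError('balance must be a non-negative integer');
    }
    const purse = Object.freeze({
      getBalance: () => ledger.get(purse),

      // A fresh, empty purse of the same currency. A payee can hand one of
      // these out to receive funds without exposing its own purse.
      makePurse: () => makePurse(0),

      // Move `amount` from `src` into this purse. Trusting the reported
      // success means trusting this purse (its mint), not the payer.
      deposit: (amount, src) => {
        if (!Number.isInteger(amount) || amount < 0) {
          throw new RangeError('amount must be a non-negative integer');
        }
        // Reject purses not issued by this mint (other currency or forgery).
        if (!ledger.has(src)) {
          throw new TypeError('source purse is not of this currency');
        }
        const srcBalance = ledger.get(src);
        if (srcBalance < amount) {
          throw new RangeError('insufficient funds'); // keeps balances >= 0
        }
        // Debit then credit by the same integer: the sum over all purses of
        // this currency is unchanged (conservation). Works even if src === purse.
        ledger.set(src, srcBalance - amount);
        ledger.set(purse, ledger.get(purse) + amount);
        return amount;
      },
    });
    ledger.set(purse, initialBalance);
    return purse;
  };

  return Object.freeze({ makePurse });
}

// Constructed scenario exercising the properties from the list above.
// Returns plain values so the outcome can be checked without printing.
function demonstrateInvariants() {
  const mint = makeMint();
  const alice = mint.makePurse(100);   // only the mint holder can do this
  const bob = alice.makePurse();       // empty purse, same currency
  const totalBefore = alice.getBalance() + bob.getBalance();

  const moved = bob.deposit(40, alice); // bob needs a reference to alice's purse

  const rejectedForeign = (() => {
    try { bob.deposit(1, makeMint().makePurse(10)); return false; }
    catch (e) { return e instanceof TypeError; }
  })();
  const rejectedOverdraft = (() => {
    try { bob.deposit(1000, alice); return false; }
    catch (e) { return e instanceof RangeError; }
  })();

  return {
    moved,
    alice: alice.getBalance(),
    bob: bob.getBalance(),
    conserved: alice.getBalance() + bob.getBalance() === totalBefore,
    rejectedForeign,
    rejectedOverdraft,
  };
}

console.log(demonstrateInvariants());
```

Note that the design relies on the platform's memory safety: a purse reference cannot be forged, and a WeakMap keyed by the purse object cannot be enumerated, so "no one can affect the balance of a purse they don't have" holds as long as you never leak the mint or a purse to untrusted code.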