Safest way to pass credit card number through a multi-step form?
On step 3 I have a form which accepts a credit card, Step 4 re-prints the information including the last 4 digits of the credit card, and Step 5 I need to know the full CC # to process it and send 开发者_如何学Cit through my https connection to a 3rd party vendor - should I store it through hidden inputs or $_SESSION
so I can access it in between the 3rd and 5th step?
FYI: My entire site is already https'd.
Take the credit card number as the last step so you don't have to store it. There are many legal issues around storing that information.
SSL won't protect data stored on disk. Additionally, PHP session data is stored by default in the file system under a temp directory with minimal permissions. So not only is the data stored in plain-text but also can be accessed by many different system users (depending on your web server configuration).
If you want to implement a multi-step checkout process I'd suggest doing some AJAX/Javascript magic on the browser side. You can collect the billing information using a series of DIVs that are hidden/collapsed and post the complete data set in one go, sending the CC data one-time to your server, which then relays the CC data to your payment processor.
Definitely not in a hidden form field. If the user walks away or saves the page or someone hits the back button, then full CC information is available. The computer may be shared with others.
If you do persist the CC to disk/database then the CC must be encrypted otherwise you would be violating Payment Card Industry (PCI) requirements. You could keep the last 4 digits in the clear separately for convenience.
Note if you go with sessions (for other reasons) you have to take care of attacks on session including but not limited to session fixation.
One other possibility is to rework your client side such that the various steps are just ajax calls (cc is in js variable not in form field) and use CSS to display/hide various divs - on the final step post the entire information to your server.
Don't store it at all. There are lots of credit card processing facilities out there. Unless you absolutely must have this functionality in house, don't do it.
- Amazon Payment Services: http://aws.amazon.com/fps/
- BrainTree Payment Solutions: http://www.braintreepaymentsolutions.com/
- Chargify: http://chargify.com/
- Paypal: https://merchant.paypal.com/
- Authorize.Net resellers: http://www.authorize.net/solutions/merchantsolutions/resellerdirectory/
Seriously, take your pick.
neither way. you should store it (somehow) encrypted on the server.
精彩评论