View Full Version : Credit Card encryption in PHP / Mysql

06-15-2006, 05:15 PM
Hi there
I have a registration form where the user inputs their credit card number. I recently read that the CC number has to be encrypted before submitting a form...

has anyone ever done something like this? Just wondering how I can go about encrypting this data on an HTML/PHP form that stores the data in a MySQL DB.


ralph l mayo
06-15-2006, 06:29 PM
How is PHP going to encrypt the data *before* it's submitted? It doesn't get anything until after submission. You probably want to buy an SSL certificate and use it with openssl/mod_ssl to to encrypt the connection (relatively) transparently. It's possible but not particularly confidence inspiring on the user end to just use a javascript SHA hash algorithm and submit data through that.

edit: oh yeah, hashing won't work :/ n/m that last part, but their may be some strong two-way encryption possible available in javascript. SSL is obviously a better choice.

06-15-2006, 08:05 PM
I thought of using md5 for encryption... would that do?

06-15-2006, 08:17 PM
It would make the card details unreadable as md5 is a one way algorythm, and therefore, not what you need. Have a look at the php mcrypt library for 2 way hashes.


06-15-2006, 08:22 PM
I wasn't going to get involved in this but here i go...

Firstly you should not even consider credit card numbers if you cannot provide what you feel to be every possible measure to ensure making the data as secure as possible.

As standard this starts with SSL capabilities, this, used correctly, can encrypt the communications between the client and server so if they are intercepted it is not just the raw numbers, this provides one level of security.

Then, are you proposing that you store peoples credit card numbers? Also, proposing you store them using MD5, for what purposes would you want to store them, so that they do not have to type it in next time, if this is the case then MD5 would not be appropriate. MD5 is a hash encryption, this means that it is a one way encryption, as soon as you use it in theory it cannot be reverse engineered to produce the original data, this would mean that as soon as you store your data with MD5 encryption you would not be able to retrieve the actual number, i do not think this is what you want. Also on a sidenote, i said in theory as MD5 has been cracked so is no longer deemed a secure enough method for hashing important data. For the retrieval of data you would need to use a reversible encryption method, this introduces more security issues as it mean someone else may also be able to reverse the encryption, if this was to happen then unless you could prove that you provided every possible measure to stop this happening then you could be deemed liable.

I think you should take into consideration whether you can take this task on without a lot more research, if this poject is only as research then continue but do not use real card numbers.

I hope this has been some help and what i have said here has only scraped the edge of security and is not a definative list of what you need, basically a lot more research is needed by you before you consider this task, not only into the details of how to do it but also the implications of what come back on you it could have if problems were encountered with the security of it.

Don't take this as too much of a negative, just some advice for more research. :thumbsup:


As for an actual encryption method...
Symmetrical: This is where the same key is used to both encrypt and decrypt the data.
Asymmetrical: This is where a different key is used to encrypt the data than to decrypt the date.

For credit card numbers i would feel asymmetrical encryption would be an essential factor to aiding the security as to encrypt the data the user has to have 'access' to the Public Key; this is the key used to encrypt the data. By access in the case it just means that it has to be in the code although it still means if there is even a minor flaw in your code that allows them to inject any malicious scripting then they could gain your key, as soon as this happends with symmetrical encryption they have the ability to read all your card numbers.
With assymetrical encryption it is designed so that you can give out your Public Key to allow people to encrypt data to send it to you as from here they are not able to decrypt the data, for a strong asymmetrical encryption there should be no link between the public and the private keys and there are many varieties currently available that maintain this.

To link this is slightly better to the task PHP does not have an inbuilt asymmetrical encryption method so you would have to look into an addon script to add this functionality. An example would be GnuPG if you are permitted shell access on your webserver.

Sorry to have wrote such a long essay it can be more efficient to address some points in a block rather than lots of short messages to comments. Hope this is still of help!
lavinpj1: What asymmetrical encryption is in MCRYPT, i cant think of any?