Encryption And Storing Credit Cards

Mar 24, 2007

We need to store credit cards for a limited amount of time because we charge for orders as they ship and occasionally the authorization expires before the item can ship.

I know I can use AES_256 to encrypt our credit cards but I am not sure if all I need to do is follow the directions in the "How-to" for encrypting data.

I created the master key, backed it up off the server the certificate and the symmetric key and I can encrypt and decrypt data.

Is this all I need to do or am I missing something?

View 4 Replies


ADVERTISEMENT

Credit Card In Range Of Cards

Oct 17, 2005

Hi ,

we have CreditCardRange table

create table CreditCardRange(
ccr_CudtomerID int,
ccr_CardRangeFrom char(16),
ccr_CardRangeTo char(16)
)

table Orders
ord_id int
ord_CudtomerID int,
ord_CardNo char(16)


Example values in table CreditCardRange
1 , 5000 0000 2000 1234 , 5000 0030 3000 1356

Example values in table Orders
1, 1, 5000 0010 2000 2333

Does sql provide any magic finction to help in following select

select T1.*
from Orders T1
join CreditCardRange T2
on T2.ccr_CudtomerID = t1.ord_CudtomerID
and
SQLMagicFunction(T1.ord_CardNo)
between
SQLMagicFunction(T2.ccr_CardRangeFrom )
and
SQLMagicFunction(T2.ccr_CardRangeTo )

View 2 Replies View Related

Credit Cards In Sql Server Table

Sep 11, 2007

Dear All,

I need to keep credit cardd details in a an SQL server table.

What's the best way to make sure data is secure? Is there any built in encryption that can be used so data is not stored as text?

Thanks

View 3 Replies View Related

Credit Card Number Encryption

Aug 11, 2000

Is there any tool available that can encrypt Credit card numbers or other fields stored in the database? For example, when a customer enters his credit card number or his password on the site, is there a way by which the Front end can encrpt the field before storing it in the database and decrypt it when it the customer requests it, through the application?

Thank you in advance
Praveena

View 12 Replies View Related

Reporting Services Within The Report Calling Encryption Software To Decrypt Credit Card Details

Aug 23, 2007



Hello Everyone

As part of UK compliance, we are going to start use an encrytption package (GNUPG), which will be running on a different Server to Reporting Services. A program has been written in C#, to handle requests (from mainframe and PC applications) to encrypt/decrypt credit card details. The encrypted card details are held in an NCR Teradata data warehouse, which Reporting Services can access. The encryption can be called using a http://server/folder/program?DATA=

In Reporting Services, a Data Source connection will be made, using an OLE DB .NET connection to the Teradata machine. SQL code will be included, which will link tables and retrieving the required fields for use in the report. I want to call the encryption program to decrypt the card number, so the actual card number can be printed in the body of the report.

There will probably be a requirement to write some parameter selection SQL as well, so a card nmuber can be entered as a report parameter field, which the SQL will have to either encrypt first, then process the SQL statement down the tables.

Has anybody use this technique before?


Thanks

Graham N.

View 2 Replies View Related

Need Help Using Wild Cards In DTS

Nov 28, 2005

Hi All

I am new to SQL Server, DTS etc... But here is the question I have:

I have some files in a folder which have a the yr, month, date appended at the end, for e.g. testfile2005_11_28.log
In a folder I have to look for the log files which are named
testfileYYYY_MM_DD.log.

Dim item
For Each item In logFolder.Files
If (UCASE(item.Name) like ("TESTFILE" +"[0-9][0-9][0-9][0-
9]"+"_"+"[0-12][0-12]"+"_"+"[0-3][0-9]" + ".log") )Then
msgbox item.Name
End For

I am getting compilation error: "Sub or Function not found" in the If
statement. Can anyone please help me?

Thanks,
D

View 1 Replies View Related

Are '[ ]' Wild Cards In An SQL LIKE Statement?

Mar 4, 2008

Hi all I am rather confused on about using the SQL LIKE statement along with square brackets. If I type the following SQL command in SQL Server 2005:





Code Snippet

SELECT * FROM Table1 WHERE Field1 LIKE '%[ggg]%'
All rows from my Table are selected. ^^

If I used this command:




Code Snippet


SELECT * FROM Table1 WHERE Field1 LIKE '%ggg%'



No rows are returned. ^^

PLEASE NOTE THE USE OF SQUARE BRACKETS IN SQL LIKE STATEMENT.

Thanks for responses, Onam.

View 4 Replies View Related

Using LIKE And Wild Cards In Form Query

Dec 11, 2006

Hi,
I am using Visual Studio 2005. I am trying to create a ASP.net website and use a web form to get the results of an enquiry. It is almost the same as the presentation video on this website called "How to Create Data Driven Website", but I have added a new twist to it.  I want to use the "LIKE" instead of "=" in my SQL statement and I want to use wild cards in the parameter value that I enter.
<form id="form1" runat="server">    <div>        &nbsp;<asp:TextBox ID="TextBox1" runat="server"></asp:TextBox>
<%        dim str as string = "%" & textbox1.text & "%"        </%>        <asp:TextBox ID="TextBox2" runat="server" Visible="False" Text=str></asp:TextBox>        <asp:Button ID="Button1" runat="server" Text="Submit" Width="87px" BackColor="Khaki" ForeColor="Navy" PostBackUrl="~/Default.aspx" />
and the ControlID of the Datagrid will take in the value of "TextBox2" instead of "TextBox1" as so:
   <SelectParameters>                <asp:ControlParameter ControlID="TextBox2" DefaultValue="SO06000001" Name="SO" PropertyName="Text"                    Type="String" />
 However the syntax above does not work. May I ask what is the correct syntax?
Thanks.
Peter
 

View 2 Replies View Related

MOD 10 (Credit Card Validation)

Jul 13, 2004

Does anyone have any strings or links I can use to help with creating a mod-10 stored proc?

I am really stuck on step 1, which is flipping the numbers (ex 1234 -> 4321)..

Any information pretaining to MOD-10 and MSSQL would be MUCH appriciated..

View 2 Replies View Related

SQL Security :: Encryption 2005 - User Defined Function For Encryption And Decryption

Oct 7, 2015

I have created two user defined functions for encryption and decryption using passphrase mechanism. When I call encryption function, each time I am getting the different values for the same input. While I searching a particular value, it takes long time to retrieve due to calling decryption function for each row.

best way to encrypt and decrypt using user defined functions.Below is the query which is taking long time.

SELECT ID FROM table WITH (NOLOCK)
                     WHERE dbo.DecodeFunction(column) = 'value'

When I try to use symetric or asymetric encryption, I am not able to put "OPEN SYMETRIC KEY" code in a function. So, I am using PassPhrase mechanism.

View 3 Replies View Related

Checking Credit Card Date ....?

Dec 17, 2007



Hi friends,

I am new to SQL developement ( am .Net developer). I need to implement a stored proc in sql 2005 on CC expiration task.

I have CC exiration date.
By using expiration date (like '01/08'),

Conditions are:

1. If CC expiring within 31 days. Stored proc will write the Customer data in EmailNotification table with message type =1. (Customer will not get second notification until 14 days before expiring)

2. If CC expiring within 14 days. Stored proc will write the customer data in EmailNotification table with message type =2. (Customer will not get second notification until 11 days before expiring)

3. If CC expiring within 11 days. Stored proc will write the customer data in EmailNotification table with message type =3. (Customer will not get second notification until 2 days before expiring)

4. If CC expiring within 2 days. Stored proc will write the customer data in EmailNotification table with message type and update orderStatusID to On Hold CC Expired in order table.

My Tables are

1.

TABLE [dbo].[Order](
[OrderID] [int] IDENTITY(1,1) NOT NULL,
[CustomerID] [int] NOT NULL,
[CustomerCode] [nvarchar](12) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
[DateCreated] [datetime] NOT NULL,
[DateOrdered] [datetime] NOT NULL,
[OrderTypeID] [int] NULL,
[OrderStatusID] [int] NULL,
[LastProcessDate] [datetime] NULL,

2. CREATE TABLE [dbo].[Payment](
[PaymentID] [int] IDENTITY(1,1) NOT NULL,
[OrderID] [int] NOT NULL,
[OrderPaymentType] [nvarchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
[PaymentType] [nvarchar](2) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,
[CreditCardNumber] [varbinary](max) NULL,
[Last4DigitsOfCreditCardNumber] [nvarchar](4) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
[ExpirationDate] [varbinary](max) NULL,
[CVV2] [varbinary](max) NULL,
[Amount] [numeric](18, 2) NOT NULL

3. CREATE TABLE [dbo].[Customer](
[CustomerID] [int] IDENTITY(1,1) NOT NULL,
[CustomerCode] AS ([dbo].[udf_FormatCode]('RS',[CustomerID])),
[Email] [nvarchar](100) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
[FirstName] [nvarchar](20) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
[MiddleName] [nvarchar](20) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
[LastName] [nvarchar](20) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
[DateCreated] [datetime] NOT NULL,
[DateModified] [datetime] NOT NULL,
[MembershipTypeID] [int] NULL


Please atleast basic structure of stored proc code. It will greatful to me.

Thanks in advance

srikanth

View 3 Replies View Related

OCA Credit Count Any Certification For Microsoft

Mar 20, 2007

I have successfully finish Oracle OCA Exam. Currently I am Microsoft Certified Database administrator(MCDBA) I would like to know there is any way I could use OCA Credit to any Microsoft Exam. If any advice will be helpful.
 
Thanks
Faiz Farazi
www.databasetimes.net
Best learning center for Microsoft 
http://www.lascomp.com 

View 3 Replies View Related

How To Avoid Credit Card Details Being Hacked In Sql...

Feb 6, 2008

Hi friends,
i got an issue on my website regarding theft of cc details...sql db contains credit card details table ... it has been hacked by someone...we have analysed that latest cards are misused.. i have tried different scenarios(sql injection) ... what are all the key things have to check and implement .can any one advise please..

thanx in advance,
raj

View 1 Replies View Related

Which Is Better? Storing Data In The Database OR Storing It In The File System

Dec 29, 2006

Hello there,I just want to ask if storing data in dbase is much better than storing it in the file system? Because for one, i am currenlty developing my thesis which uploads a blob.doc file to a web server (currently i'm using the localhost of ASP.NET) then retrieves it from the local hostAlso i want to know if im right at this, the localhost of ASP.NET is the same as the one of a natural web server on the net? Because i'm just thinking of uploading and downloading the files from a web server. Although our thesis defense didn't require us to really upload it on the net, we were advised to use a localhost on our PC's. I'll be just using my local server Is it ok to just use a web server for storing files than a database?    

View 6 Replies View Related

Transact SQL :: How To Divide Amount By Cash And Credit Card

Nov 19, 2015

I have typed a query by combining multiple tables to show sum of TotalReceivedAmount by MRN. It also have payment mode which is paid by cash or credit card. Now the query shows the sum for MRN combining all the payment done by credit card and cash. How am I supposed to show the amount paid by credit card and cash separately?

Here is the query :

SELECT Distinct     dbo.CA_Payment.MRN, dbo.CA_Patient.FirstName, dbo.CA_PaymentModeMaster.Description AS PaymentMode, 
CASE (dbo.CA_Payment.PaymentModeID) WHEN 2 THEN dbo.CA_Payment.CardNumber END AS CreditCardNumber, CASE (CA_Registration.PatientTypeID) 
WHEN 1 THEN dbo.CA_PatientTypeMaster.Description WHEN 2 THEN dbo.CA_DebtorMaster.DebtorName END AS Debtor, 

[Code ....

View 6 Replies View Related

Max Of Sum - Return ClientID And Credit Card Type With Highest Spending

Apr 20, 2015

I have this data:

clientcreditCardamount
1A10
1A20
1B40
1C5
1C10
1C20

I need to write a query (Oracle) that will return the clientID and the creditCard type with the highest spending :

In this case:

clientcreditCard
1B

View 4 Replies View Related

Decrypt Credit Card Number For Reporting Services Report

Jul 20, 2005

Hi,A co-worker is creating a vb.net web application which uses theCryptKeeper.dll to encrypt credit card numbers into a sql database.It is my job to pull these encrypted numbers and use the decryptmethod of this dll to show the credit card numbers on a ReportingServices report. I'm not even sure where this should be done. In thesql stored procedure or in the report itself? Any help would begreatly appreciated.Thanks in advance,Amy Bolden

View 1 Replies View Related

Encryption

Aug 4, 2000

I was wondering if anyone out there knows if it is possible to encrypt a particular field in a table, or encrypt a whole table. The info would remain on my database and not be sent out anywhere, but I just want an extra level of security against anyone who might try to break into the database.

View 2 Replies View Related

Encryption

Feb 23, 2000

Is there a function that can encryp the data in a table(or certain column)?
So if the table or column was query the person would see something like " !#)&%^#@ ". suggestion are welcome.


Kevin

View 1 Replies View Related

ENCRYPTION

Jun 19, 2002

Hello,

Is there a way to encrypt the data ( I mean actual data stored
in a table)in a SQLServer.
I know how to encrypt procedures, views, Net-libraries ......

Please help!!!!

Thanks.

View 1 Replies View Related

Encryption

Aug 23, 2002

How to get the encryption of certain characters, such as '12345' or 'hello'. Is any function to take regular characters and return the encryption form of those characters?
Please help.

View 1 Replies View Related

H5 Encryption?

Nov 6, 2005

My client requested that the password field of a login table be encrypted using H5 Encryption. I've been searching throughout the net and MSDN for the function or procedure and can't find it. Does anybody know how?

View 1 Replies View Related

Encryption

Apr 23, 2008

I developed a small VB6 application VB6 that get data from SAP sql database

Now they want that the users logon to this small app using the same username & password that they used in SAP

I can read the users' table, I can get the username
But the password is encrypted

Probably with a Function

Anybody know how can I encrypt the typed password so I can compare with the saved password

I don't want to view or modify them, just compare with the password typed by the user

Thanks

JG

View 1 Replies View Related

Encryption

Jul 7, 2005

Hello,
I am needing to migrate an Access database to Sql Server
Express. This database will be distributed as part of a
VB 6 application. This database will have some of the
columns encrypted. My understanding is that SQL Server
Express supports encryption. We will need to be able to
run queries on encrypted data like this, with
LastName being an encrypted column in the database.

Select LastName from Account where LastName = 'Smith'
Select LastName from Account where LastName Like 'Sm%'
Update Account Set where LastName = sLastName

Can this be done using SQL Server 2005 Express and VB 6?

Thanks!

View 1 Replies View Related

Encryption

Apr 4, 2007

hi all,
ive download some application, but they encrypt their Stored Proc and some Views..
1.how to encrypt SP?
2.is it possible to decrypt whateva that encrypted?

~~~Focus on problem, not solution~~~

View 19 Replies View Related

Encryption

Oct 3, 2007

Hai
I am new to SQL server and working on Encryption.I just want to know whether it is better to encrpt a data in database or in the code itself.I want to encrypt a number and not a text.which one would u suggest RC4 algorithm or pwdencrypt..any one plz reply soon..

View 13 Replies View Related

Reg: Encryption

Oct 3, 2007

Hi. Im new to SQLserver. I need to encrypt a column of datatype decimal. Which is better RC4 Algorithm or PWDencrypt() and PWDcompare().

Sundaresan.R

View 5 Replies View Related

Encryption

Feb 28, 2008

how i can open encrypted stored procedure

View 3 Replies View Related

Encryption

Apr 12, 2007

Hi,
i was wondering if the whole table can be encrypted using MS SQL Server 2005. This at present can be done using third party softwares.
Performance won't be an issue.

Thanks and regards,
Chandrachurh

View 6 Replies View Related

AES Encryption

Jan 11, 2008

I am using server 2005 running on a windows server 2003 platform. I am trying to do field encryption using symmetric key implemented by the AES algorithm. I created an AES key and apparently it encrypts the data with no problem, however when I try to retrieve the data after decryption the field is always null. I tried using the same process while using the DES or RC2 algorithm and I could both encrypt and decrypt information, however it does not decrypt for any of the AES algorithm i.e. AES_128, AES_192 and AES_256. Attached is a simple query I used to test it.


create symmetric key CCardKeys
with algorithm = aes_192
encryption by password = 'P@s$w0rD'

open symmetric key CCardKeys
decryption by password = 'P@s$w0rD'

declare @Id varchar(50)
set @Id = encryptbykey(key_guid('CCardKeys'),'Test')

select convert(varchar(50),decryptbykey(@Id))

close symmetric key CCardKeys

Is there something I'm missing with AES.

Thanks for taking the time to help me.

View 3 Replies View Related

Encryption

Apr 19, 2007

Here is my goal please let me know if it is possible.

I have installed sql express on clients machines. I don't want them to be able to view the sp's or the functions. I would like to go as far as not allowing them to see the tables. I tried with encrption but this is still breakable by the user using the DAC.



Thanks

View 15 Replies View Related

Encryption

Mar 5, 2007

I have a user table with Fields:

UID, name, SSN, phone,address. I need to encrypt all the fields except UID. My company recently moved to sql server 2005 and I have to encrypt old data. We do perform query search based on username and SSN

I have very shallow knowledge of encryption and indexes. I did looked at one of the articles on encrypting data on existing application but could not understand the indexing part(:()

Do i have to define new fields with varbinary as datatype(for ssn, name,phone number) ? I am asking this because in the demo only ssn_index has varbinary and the ssn field is still nvarchar?

Any help will be appreciated.

Thanks,

K

View 11 Replies View Related

Encryption

Sep 4, 2006

I have tried to encrypt by certificate and by symmetric key. In all cases the decryption comes back as null. Any ideas why?

I have used the code from a learnin tree course and the encryption works OK. I have also added a grant to the certificate to the login

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved