Hi guys,

From what I understand, the process of Ubercart Credit Card goes something like this:

1. User adds items in cart
2. User goes to check out
3. User enters his info, including CC#
4. User clicks "Review order"
5. User clicks "Process"
6. User is happy 8-)

Between steps 4 and 5, the credit card number is saved in our database. That is secure, we have a key and the data is fully encrypted in the database (Although the key is somewhere on the drive, so the security is not so good if someone enters the server, but that is really not supposed to happen!)

The review process is usually very short, so the span when the complete CC information is in someone's database is small.

Up to here, I'm happy enough. Anyway, I don't really see much else we could do.

However, say I have 100 sales every day (nice little store), and of course, anyone can buy at any one time. On my end, I want to make a backup of the database once a day, just in case (I know a mirror would do a lot better, and I may do that instead...) I have PostgreSQL, although it would be similar with MySQL. I run the pg_dump command to generate the backup. Something like this:

pg_dump db_name >db_backup

From what I understand, that means I may actually get the full credit card number in that backup. Isn't that correct?

If so, what would be your idea on how to handle that case?

What I'm thinking right now, would be to simply save the CC#'s in files instead. You have an order number, you could ask the users to enter a path to a folder that Apache does not have access to, and in that folder you'd save a file with the order number as the name. Then we'd avoid the database problem. Of course, people who duplicate the entire cluster of the database would still have the problem... but I don't think that's done much (other than RAID). And using a tool like slone-1 would resolve the problem too since if you change the data (i.e. remove the CC# in the DB) then all those changes are reflected in the slone-1 copy. However, just a slone-1 copy is not safe. If a hacker has access to the database, having a dump is much safer! It keeps a real good & proper track of your website.

Thank you.
Alexis

Comments

AlexisWilke’s picture

AlexisWilke CreditAttribution: AlexisWilke commented
Issue tags: +credit card

Adding tag Credit Card to this issue.

univate’s picture

univate CreditAttribution: univate commented
Category: bug » support
Status: Active » Fixed

Credit card details are not stored in the database for any normal transactions in the core supported gateways - of course if you are using a separate payment gateway that does store them thats an ubercarts issue, but an issue with your gateway.

The only time they are stored is if you are using the test_gateway and you also usually need to enable the debug option in that module.

So there is no issue with just backing up your database.

Status: Fixed » Closed (fixed)
Issue tags: -credit card

Automatically closed -- issue fixed for 2 weeks with no activity.

Issue tags: +credit card

Restoring issue tags, see #2125755: System messages removed all issue tags during D7 upgrade.