Rank: Member
Joined: 4/8/2008(UTC) Posts: 21
|
One of our clients, in response to keeping up with PCI compliance, wants to change their credit card encryption key. Is their anyway way to do this outside of going into the database and changing "Cryptography3DesKey" in webapp settings? Also, what is the format of the key (length, valid characters) if I want to generate a new one?
|
|
|
|
Rank: Member
Joined: 11/5/2003(UTC) Posts: 1,786
|
There is no automatic way to do this. This is the main reason why PCI-DSS application certification is taking so long from us. We have to create a mechanism to 1) securely manage keys, 2) allow key changes at the click of a button at least once a year.
This involves keeping track of which items are encrypted with which keys and then decrytping them, then encrypting them again with a new key.
BV Commerce Hosted will manage this automatically. BV Commerce Toolkit will get this feature as part of a PCI Compliance update. Don't ask for a date. We just don't know yet.
|
|
|
|
Rank: Member
Joined: 4/8/2008(UTC) Posts: 21
|
|
|
|
|
Rank: Member
Joined: 4/8/2008(UTC) Posts: 21
|
In order to be PCI compliant, I wrote a program to re-encrypt the credit cards in BVC 5.3.2, but found also that users whose passwords were TripleDESEncrypted were unable to log-in afterwords. However, in the code, I see no relation between WebAppSettings.CryptographyDS3Key and the code used to decrypt passwords. Is there any reason why changing the credit card encryption key would cause users to be unable to log in?
Also, I recently restored a Win 2008 server running BV5.3.2 onto a new machine. The site operated extremely slowly, particularly, I noticed it was taking 15 seconds to validate the BVlicense twice per page call in UserAccount.[2]DoesUserHaveAllPermissions().[/2]
Is there any reason why moving a server to new hardware would cause a delay in validating the BV License?
Thanks,
Marco
|
|
|
|
Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.