Q: How secure is the encryption used by SSL?
SSL uses public-key encryption to exchange a session key between the
client and server; this session key is used to encrypt the HTTP
transaction (both request and response). Each transaction uses a
different session key so that if someone manages to decrypt a
transaction, that does not mean that they've found the server's secret
key; if they want to decrypt another transaction, they'll need to spend
as much time and effort on the second transaction as they did on the
first.
The SSL encryption will take care of network transmission. But we
don't want to make it easy for just anybody, even those with access
to our system, to view your credit card number. The number is
encrypted before ever being written to a file.
First of all, after you enter your number, it is kept in memory only
until it is encrypted. At that time, it is scrubbed from the program's
memory. The now-encrypted card number (encrypted with a password known
only to our order entry personnel) is then written to a file with
permissions set so only the program can get at it.
And the program will never send even the encrypted number via
the network, only write it to disk.
After the number is written, if you actually place the order, the order
information will be saved in that file only until we process your order with
our ordering system, usually the same or next business day. At that time,
the encrypted number will be overwritten with data, to make sure it is
wiped from the disk, then the order information deleted.
If you have entered your credit card number and decide not to
submit your order, the encrypted number will remain on disk for
no more than one day. At that time, sessions on the system that are
older than one day will be expired: any encrypted credit_card_no fields
are first overwritten with meaningless data, and the sessions are then
removed from the session database.
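
The handling steps described above (scrub the cleartext from memory, write only ciphertext to an owner-only file, overwrite before deleting), as an added example that is not the store's own code. The function names, the file name and the sample values are assumptions, and the encryption step itself is left out: the ciphertext is a constructed placeholder.

```python
import os
import stat
import tempfile

def scrub(buf: bytearray) -> None:
    """Zero a mutable buffer in place (an immutable str/bytes cannot be scrubbed)."""
    for i in range(len(buf)):
        buf[i] = 0

def store_encrypted(path: str, ciphertext: bytes) -> None:
    """Create the file readable/writable by its owner only; never reuse a file."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    try:
        os.fchmod(fd, 0o600)   # explicit, independent of the process umask
        os.write(fd, ciphertext)
        os.fsync(fd)           # make sure the bytes reach the disk
    finally:
        os.close(fd)

def wipe_and_delete(path: str) -> int:
    """Overwrite the file's contents with meaningless data, then remove it."""
    size = os.path.getsize(path)
    fd = os.open(path, os.O_WRONLY)
    try:
        os.write(fd, os.urandom(size))
        os.fsync(fd)           # flush the overwrite before unlinking
    finally:
        os.close(fd)
    os.remove(path)
    return size

def demo() -> dict:
    workdir = tempfile.mkdtemp()
    path = os.path.join(workdir, "order.enc")      # hypothetical file name
    card = bytearray(b"4111111111111111")          # constructed test number
    ciphertext = b"<ciphertext placeholder>"       # constructed; encrypt `card` here
    scrub(card)                                    # cleartext gone once encrypted
    store_encrypted(path, ciphertext)
    mode = stat.S_IMODE(os.stat(path).st_mode)
    wiped = wipe_and_delete(path)
    exists = os.path.exists(path)
    os.rmdir(workdir)
    return {"card": bytes(card), "mode": mode, "wiped": wiped, "exists": exists}

if __name__ == "__main__":
    print(demo())
```

An in-place overwrite is only as strong as the storage underneath it: journaling or copy-on-write filesystems and flash media may keep older copies of the blocks.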