I'd be in favor of blocking. Because of PCI compliance we've modified the
staff client so that staff can't attempt to type anything in there and I
routinely wipe anything in the database.
On Mon, Jul 13, 2015 at 12:24 PM, Bill Erickson <email address hidden> wrote:
> *** This bug is a security vulnerability ***
>
> Public security bug reported:
>
> Evergreen 2.8
>
> When a (non-Stripe) credit card payment is made in Evergreen, some card
> data is stored locally in the EG database. Retaining even partial
> credit card payment information considerably raises the bar for PCI
> compliance. Since most vendors (I think, certainly PayPal) allow you to
> retrieve payment information directly from them with the approval code /
> order number, storing the data locally in Evergreen is also redundant.
>
> I'd like to propose that we drop (or anonymize, or leave blank) the
> following columns in money.credit_card_payment:
>
> cc_type
> cc_number (last 4)
> expire_month
> expire_year
> cc_first_name
> cc_last_name
>
> Thoughts?
>
> ** Affects: evergreen
> Importance: Undecided
> Status: New
>
> --
> You received this bug notification because you are subscribed to
> Evergreen.
> Matching subscriptions: evergreenbugs
> https://bugs.launchpad.net/bugs/1474051
>
> Title:
> Avoid storing partial credit card payment info
>
> Status in Evergreen:
> New
>
> Bug description:
> Evergreen 2.8
>
> When a (non-Stripe) credit card payment is made in Evergreen, some
> card data is stored locally in the EG database. Retaining even
> partial credit card payment information considerably raises the bar
> for PCI compliance. Since most vendors (I think, certainly PayPal)
> allow you to retrieve payment information directly from them with the
> approval code / order number, storing the data locally in Evergreen is
> also redundant.
>
> I'd like to propose that we drop (or anonymize, or leave blank) the
> following columns in money.credit_card_payment:
>
> cc_type
> cc_number (last 4)
> expire_month
> expire_year
> cc_first_name
> cc_last_name
>
> Thoughts?
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/evergreen/+bug/1474051/+subscriptions
>
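A defender-side sketch of the "routinely wipe" step from the reply and the "leave blank" option from the bug report, as an added example that is not part of this thread or of Evergreen's own code. It assumes PostgreSQL (Evergreen's database), the column names listed in the bug, that those columns are nullable and not required by the application, and a hypothetical function/trigger name.

```sql
-- Added example, not Evergreen code. Assumes PostgreSQL, that the six
-- columns named in the bug are nullable, and that nothing in the
-- application depends on them being populated.

-- 1. Audit: how many payment rows still retain any card data?
SELECT count(*) AS rows_with_card_data
  FROM money.credit_card_payment
 WHERE cc_type       IS NOT NULL
    OR cc_number     IS NOT NULL
    OR expire_month  IS NOT NULL
    OR expire_year   IS NOT NULL
    OR cc_first_name IS NOT NULL
    OR cc_last_name  IS NOT NULL;

-- 2. One-off cleanup of rows already stored (the "wipe" in the reply).
--    Only rows that actually hold card data are touched, so the update
--    is safe to re-run and keeps the rest of the payment record intact.
BEGIN;
UPDATE money.credit_card_payment
   SET cc_type       = NULL,
       cc_number     = NULL,
       expire_month  = NULL,
       expire_year   = NULL,
       cc_first_name = NULL,
       cc_last_name  = NULL
 WHERE cc_type       IS NOT NULL
    OR cc_number     IS NOT NULL
    OR expire_month  IS NOT NULL
    OR expire_year   IS NOT NULL
    OR cc_first_name IS NOT NULL
    OR cc_last_name  IS NOT NULL;
COMMIT;

-- 3. Prevent re-accumulation (the "leave blank" option): blank the fields
--    before any row is written, so the data never lands in the database.
--    Function and trigger names are hypothetical.
CREATE OR REPLACE FUNCTION money.strip_cc_data() RETURNS trigger AS $$
BEGIN
    NEW.cc_type       := NULL;
    NEW.cc_number     := NULL;
    NEW.expire_month  := NULL;
    NEW.expire_year   := NULL;
    NEW.cc_first_name := NULL;
    NEW.cc_last_name  := NULL;
    RETURN NEW;
END;
$$ LANGUAGE plpgsql;

DROP TRIGGER IF EXISTS strip_cc_data_trg ON money.credit_card_payment;
CREATE TRIGGER strip_cc_data_trg
    BEFORE INSERT OR UPDATE ON money.credit_card_payment
    FOR EACH ROW EXECUTE PROCEDURE money.strip_cc_data();
```

Re-running the audit query after step 3 should stay at zero; a non-zero count afterwards means some code path writes card data around the trigger (for example a different table) and needs the same treatment.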