Comment 1 for bug 1474051

Revision history for this message
Rogan Hamby (rogan-hamby) wrote : Re: [Bug 1474051] [NEW] Avoid storing partial credit card payment info

I'd be in favor of blocking. Because of PCI compliance we've modified the
staff client so that staff can't attempt to type anything in there and I
routinely wipe anything in the database.

On Mon, Jul 13, 2015 at 12:24 PM, Bill Erickson <email address hidden> wrote:

> *** This bug is a security vulnerability ***
>
> Public security bug reported:
>
> Evergreen 2.8
>
> When a (non-Stripe) credit card payment is made in Evergreen, some card
> data is stored locally in the EG database. Retaining even partial
> credit card payment information considerably raises the bar for PCI
> compliance. Since most vendors (I think, certainly PayPal) allow you to
> retrieve payment information directly from them with the approval code /
> order number, storing the data locally in Evergreen is also redundant.
>
> I'd like to propose that we drop (or anonymize, or leave blank) the
> following columns in money.credit_card_payment:
>
> cc_type
> cc_number (last 4)
> expire_month
> expire_year
> cc_first_name
> cc_last_name
>
> Thoughts?
>
> ** Affects: evergreen
> Importance: Undecided
> Status: New
>
> --
> You received this bug notification because you are subscribed to
> Evergreen.
> Matching subscriptions: evergreenbugs
> https://bugs.launchpad.net/bugs/1474051
>
> Title:
> Avoid storing partial credit card payment info
>
> Status in Evergreen:
> New
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/evergreen/+bug/1474051/+subscriptions
>
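An audit-and-scrub query for the columns named in the report, added here as an example and not code from the Evergreen project or from either commenter. The table and column names come from the bug report; the transaction wrapper, the audit query and the assumption that the columns are nullable are mine (if a column is NOT NULL, substitute an empty string for NULL). The FILTER clause needs PostgreSQL 9.4 or later.

```sql
-- Added example (not Evergreen project code). Assumes money.credit_card_payment
-- has the six nullable columns listed in the bug report.
BEGIN;

-- 1. Audit: how many payment rows still carry card or cardholder data?
--    Run this before and after the scrub; the "after" counts should be zero.
SELECT
    count(*) FILTER (WHERE cc_number IS NOT NULL)           AS rows_with_cc_number,
    count(*) FILTER (WHERE cc_type IS NOT NULL)             AS rows_with_cc_type,
    count(*) FILTER (WHERE expire_month IS NOT NULL
                        OR expire_year IS NOT NULL)         AS rows_with_expiry,
    count(*) FILTER (WHERE cc_first_name IS NOT NULL
                        OR cc_last_name IS NOT NULL)        AS rows_with_cardholder_name,
    count(*)                                                AS total_rows
FROM money.credit_card_payment;

-- 2. Scrub: blank only the six fields from the report. Every other column
--    (amount, payment time, processor approval/order number, etc.) is left
--    alone so the transaction can still be looked up at the processor.
UPDATE money.credit_card_payment
SET cc_type       = NULL,
    cc_number     = NULL,
    expire_month  = NULL,
    expire_year   = NULL,
    cc_first_name = NULL,
    cc_last_name  = NULL
WHERE cc_type       IS NOT NULL
   OR cc_number     IS NOT NULL
   OR expire_month  IS NOT NULL
   OR expire_year   IS NOT NULL
   OR cc_first_name IS NOT NULL
   OR cc_last_name  IS NOT NULL;

COMMIT;
```

Run the audit SELECT once more after COMMIT to confirm the counts dropped to zero. Nulling the rows does not remove the values from database backups, WAL archives or any logs that captured the original INSERTs, so a scrub like this reduces the live footprint but does not by itself take the database out of PCI scope; dropping the columns or never populating them, as the report proposes, is what stops new data from accumulating.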