Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: ConservativeMind

Never mind the OS platform, how about just encrypting credit card numbers on their local network?

Heartland Pres., Baldwin said sending all data unencrypted over their internal network is necessary “to get the authorization out”. I think what he means is that internal encryption would delay authorization by a second or two, and besides, it would cost money.

Now I have to worry if my card is compromised. I think the inevitable lawsuits will cost a lot more that fast internal encryption.

My company does encryption on all data and telephone leaving our building. Modern, fast encryption slows transmission very minimally.


17 posted on 01/21/2009 4:15:35 PM PST by jimtorr
[ Post Reply | Private Reply | To 12 | View Replies ]

To: jimtorr
Never mind the OS platform, how about just encrypting credit card numbers on their local network?

Mind waiting 10 minutes for the authorization to go through? Trust me if you decide to encrypt all the transactions you are going to miss every SLA you have.

I think what he means is that internal encryption would delay authorization by a second or two, and besides, it would cost money.

A previous employer decided to do ejb to ejb encryption on a J2EE platform and saw response time go from 2 seconds to 5 minutes. Yes per transaction in isolation you're only talking about 1 or two more seconds but that causes a serious log jam within a shot time and eventually the load on the cpu bring everything to a halt.

The bigger question is what was their security policy beyond encryption. What workstations had direct access to the core network and why was heartlands monitoring of outgoing traffic so weak.

Now I have to worry if my card is compromised. I think the inevitable lawsuits will cost a lot more that fast internal encryption.

We are going to have new cards issued regardless...

My company does encryption on all data and telephone leaving our building.

But not on your internal network!

Modern, fast encryption slows transmission very minimally.

Any encryption worth it is going to slow the processing of millions upon millions of transitions down significantly on a high volume app..

40 posted on 01/22/2009 5:49:48 AM PST by N3WBI3 (Ah, arrogance and stupidity all in the same package. How efficient of you. -- Londo Mollari)
[ Post Reply | Private Reply | To 17 | View Replies ]
To: jimtorr

“Heartland Pres., Baldwin said sending all data unencrypted over their internal network is necessary “to get the authorization out”. I think what he means is that internal encryption would delay authorization by a second or two, and besides, it would cost money.”

Either that, or Heartland does not want to spend the money for their system to be upgraded to use the ability to encrypt and decipher the data.


52 posted on 01/22/2009 10:31:18 PM PST by mjaneangels@aolcom
[ Post Reply | Private Reply | To 17 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson