Secure Form Results Sent via Email

Forum Moderators: coopster

Message Too Old, No Replies

Secure Form Results Sent via Email

Is there a way?

bumpaw

11:58 am on Aug 9, 2005 (gmt 0)

I have a client who does not want a cart but instead wants a form to send him an order with credit card information included. The form is PHP and at present just drops an email on the owners mail server that's insecure. In my limited experience https wouldn't give security here, and if not what whould?

coopster

12:09 pm on Aug 9, 2005 (gmt 0)

Something along these lines?

Emailing Credit Card Numbers? [webmasterworld.com]
how to secure an email form? [webmasterworld.com]
Best way (and cheapest) to encrypt online e-mail form data [webmasterworld.com]
Secure Website Applications... [webmasterworld.com]

bumpaw

12:45 pm on Aug 9, 2005 (gmt 0)

Thanks coopster! You are like lightening. I read it all except the first one which is restricted apparently in the subscribing members area.
I'll send a link to the client and let him check it too.

FiRe

1:05 pm on Aug 9, 2005 (gmt 0)

A good way of sending secure form results via email is to do the following:

1. On the form page set a session, then test for that session on the page that sends the results. This will eliminate results coming from a different form.
2. Turn off error reporting, dont reveal PHP errors to the public.
3. Use functions such as htmlspecialchars() to stop someone trying to manipulate the email received.
4. Log additional information such as the IP, browser and referer.

jatar_k

3:54 pm on Aug 9, 2005 (gmt 0)

a few thoughts, though probably those threads from coopster covered them

never send any sensitive or personal data in email

you are responsible for the information and if someone manages to get their hands on it, you're at fault and could get in a serious amount of trouble

there are multiple things you need to consider here

secure the form
secure the CC number storage method on the server
find a secure way of getting the CC info off of the server once submitted
secure the desktop/local machine where you will put the CC info after it is removed from the web server

and another very important one
Secure the server

is this a shared host? is it possible that another user on this host could get access to your data?

bumpaw

4:38 pm on Aug 9, 2005 (gmt 0)

is this a shared host? is it possible that another user on this host could get access to your data?

Yep it's shared. He bought into a Merchant Account that was designed to interface with a cart or receive orders by phone. The nature of his business won't allow him to have an inventory that's not subject to availability check. He grows plants and they are not always ready to dig and sell.

He is hoping to use his form which is now an order form subject to availability. He wanted to do CC's and transmit the CC data with the tentative order.

I'm thinking that in the end he will opt for giving the secure info over the phone and if that works out maybe later spend some money on a tech solution.

[edited by: bumpaw at 4:57 pm (utc) on Aug. 9, 2005]

jatar_k

4:40 pm on Aug 9, 2005 (gmt 0)

sounds like an intelligent solution

bumpaw

5:48 pm on Aug 9, 2005 (gmt 0)

My web hosting support offered this idea:

If you create a form on your site (which can be accessed only over [),...] this form sends the results to an address at the same domain, and then a user checks the mailbox with Webmail over https:// (or with some IMAP program over SSL) - the information will be secure and it cannot be intercepted by any third party (or malicious user)

jatar_k

1:02 am on Aug 10, 2005 (gmt 0)

as long as that mail never goes outside then that should work as well