Sunday, September 28, 2008

A little salt, please?

It looks like the cc_number_enc and cc_cid_enc fields in the sales_flat_quote_payment table are encrypted without using any salt. This means that the same plaintext always encrypts to the same ciphertext, and unfortunately cc_cid is usually only 3 digits long. This makes the encrypted data somewhat vulnerable to a known-plaintext attack. This was commented on in the Magento forums as well, in a discussion of why the cc id is not available by default ("This method does however provide encryption but is possible to break using a code book algorithm").

Obviously, it would be best to just not store the cc_cid_enc field in the first place, which is the default secure setting for the application. If a merchant's website is hacked and their database is compromised, they are accepting a hell of a lot of unwanted liability by storing the card id, since they are not PCI compliant.
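To see why the missing salt matters, here is an added example (not Magento's code and not from the original post) of an audit check that measures how often ciphertexts repeat in a column, run against unsalted and per-record-randomized encryption. The cipher is a stand-in built from HMAC-SHA256, and the key, function names and sample values are constructed for illustration.

```python
import hashlib
import hmac
import os
from collections import Counter

KEY = b"constructed-demo-key"  # assumption: placeholder key, not a real secret

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Stand-in stream cipher (HMAC-SHA256 output as keystream), NOT Magento's cipher.
    # Good for inputs up to 32 bytes, which covers a 3-digit cc_cid.
    return hmac.new(key, nonce, hashlib.sha256).digest()[:n]

def encrypt_unsalted(key: bytes, plaintext: bytes) -> bytes:
    # No per-record randomness: equal plaintexts give equal ciphertexts.
    ks = _keystream(key, b"", len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, ks))

def encrypt_randomized(key: bytes, plaintext: bytes) -> bytes:
    # Fresh random nonce per record, stored in front of the ciphertext.
    nonce = os.urandom(16)
    ks = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))

def repeated_ciphertext_ratio(column: list) -> float:
    # Fraction of rows whose ciphertext also appears in at least one other row.
    counts = Counter(column)
    return sum(c for c in counts.values() if c > 1) / len(column)

def audit_column(name: str, column: list, threshold: float = 0.05) -> str:
    ratio = repeated_ciphertext_ratio(column)
    verdict = "DETERMINISTIC (repeats leak equality)" if ratio > threshold else "ok"
    return f"{name}: {len(set(column))} distinct / {len(column)} rows, {ratio:.0%} repeated -> {verdict}"

# Constructed sample data standing in for cc_cid values in six quote rows.
SAMPLE_CIDS = [b"123", b"456", b"123", b"789", b"123", b"456"]
UNSALTED_COLUMN = [encrypt_unsalted(KEY, c) for c in SAMPLE_CIDS]
RANDOMIZED_COLUMN = [encrypt_randomized(KEY, c) for c in SAMPLE_CIDS]

if __name__ == "__main__":
    print(audit_column("cc_cid_enc (unsalted)", UNSALTED_COLUMN))
    print(audit_column("cc_cid_enc (randomized)", RANDOMIZED_COLUMN))
```

Because a 3-digit value has only 1,000 possibilities, an unsalted column can never hold more than 1,000 distinct ciphertexts, so the repeat ratio approaches 100% as the table grows.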
