next2heaven — 2012-04-16T16:12:47-04:00 — #1
So I've got a banking client that needs to ask for a Social Security Number on an application form. We've got an SSL Certificate for the site but storing that information or sending it through email doesn't seem very secure to me. Is there a secure way of sending this information to the client?
Is there a service that allows you to create forums with SSNs that will securely store it for you?
serverstorm — 2012-04-16T17:24:53-04:00 — #2
It is almost impossible to guarantee that email is secure.
Although you would need to be extremely careful doing this, it is certainly more secure than email. With all other hacking vectors addressed, 2-way hashing the SS and storing it would be the better way to go.
- Store 2 way hashed SS
- Send an email with a link to their information.
- User clicks on email link, so you need to ensure that a security challenge is the next action that occurs after they navigate to the link in their browser. You use a message like "As this link contains your private information, please ensure that you don't view this in a public place or on a public wifi network. For your safety we ask you to provide your username and password to view this information."
- Present user authentication challenge
- If the authentication passes, then let them view the web page that reports their secure information, with all aspects, including images, secured under https://
I would not trust a service that does this for you as you don't want to use a public and known algorithm or process. If you are handling this type of information then you need to be very aware of the proper ways to secure it.
For the hashing part of it, you might want to start off with PHP mcrypt to handle your two way encryption of the SS.
Shiflett.org is a good place for you to read about PHP security.
Please continue to be diligent with this, as you seem to have begun on the right track by not just assuming that your SSL secure site, email and unencrypted storage are not safe.
next2heaven — 2012-04-16T17:36:20-04:00 — #3
I was thinking about doing that (the two way encryption) but was wondering about how secure that was in that you'd have to have the cipher in your php script. Anyone at the hosting company could potentially (though unlikely) dive into my script and find/use the cipher to then view the stored SSN. Am I being too paranoid?
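An added example, not code from any poster in this thread: one way to do the two-way encryption discussed above with PHP's bundled sodium extension in place of mcrypt (mcrypt was removed from PHP core in 7.2), reading the key from an environment variable instead of writing it into the script. The variable name `SSN_KEY_HEX` and the function names are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Assumption: a 32-byte key, hex-encoded, is provisioned outside the code base
// and the database in an environment variable (SSN_KEY_HEX is a made-up name).
function loadKey(): string
{
    $hex = getenv('SSN_KEY_HEX');
    if ($hex === false || strlen($hex) !== 2 * SODIUM_CRYPTO_SECRETBOX_KEYBYTES) {
        throw new RuntimeException('SSN encryption key is missing or malformed');
    }
    return sodium_hex2bin($hex);
}

// Returns base64(nonce || authenticated ciphertext), ready to store in a text column.
function encryptSsn(string $ssn, string $key): string
{
    $digits = (string) preg_replace('/\D/', '', $ssn);
    if (strlen($digits) !== 9) {
        throw new InvalidArgumentException('SSN must contain exactly 9 digits');
    }
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES); // fresh for every record
    return base64_encode($nonce . sodium_crypto_secretbox($digits, $nonce, $key));
}

// Throws if the stored value was truncated, modified, or encrypted under another key.
function decryptSsn(string $stored, string $key): string
{
    $raw = base64_decode($stored, true);
    $min = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
    if ($raw === false || strlen($raw) < $min) {
        throw new RuntimeException('Stored value is not a valid ciphertext');
    }
    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = sodium_crypto_secretbox_open(substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES), $nonce, $key);
    if ($plain === false) {
        throw new RuntimeException('Decryption failed');
    }
    return $plain;
}

// Demo with a constructed SSN (area 000 is never issued) and a throwaway key.
putenv('SSN_KEY_HEX=' . sodium_bin2hex(sodium_crypto_secretbox_keygen()));
$key = loadKey();
$stored = encryptSsn('000-12-3456', $key); // this string is what goes in the database
echo 'stored:    ', $stored, PHP_EOL;
echo 'decrypted: ', decryptSsn($stored, $key), PHP_EOL;
```

Keeping the key out of the script protects against leaked source, repository access and database dumps, but anyone with administrative access to the host can still read the process environment, so the hosting-staff concern raised above is narrowed rather than removed.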
oddz — 2012-04-16T23:01:21-04:00 — #4
I've never dealt with managing social security numbers before, but I would be quite surprised if no laws exist for that type of security-critical information, like that of PCI for credit card information.
serverstorm — 2012-04-17T17:42:47-04:00 — #5
Yes, it is unusual other than in the case of the government and medical occupations where SS are normally stored. I think @oddz has a great point. A Social Security number is so critical to a person's identity. Getting in the wrong hands can lead to much greater problems than simply the theft of data, but theft of the identity is extremely serious. If I were you, I would be looking into all laws or even government recommendations or guidelines in storing this type of data.
This is the reason that most banks, health and the financial sectors control their own hosting, so they can implement security protocols and screening of the people that have access to the servers that house this type of information.
If you can't control who manages this type of information then indeed it has a weakness of those people getting and using the cipher to access this information. Which again underlines what oddz mentioned.
I am very surprised that your banking client is allowing you to decide where and how SS#'s can be stored. Have you asked them if they have rules dictating this type of storage or processes already in place?
oddz — 2012-04-17T19:31:48-04:00 — #6
I researched this a little because I was curious. Surprisingly, SSNs fall under PII (personal identification information). The funny part is the government recommends some type of encryption… recommends. Surprising that such sensitive information does not have laws regarding data storage.
Someone please correct me if I'm wrong.