Email bank account information from form

A client wants a registration form on their website which contains, among other fields, spaces for bank account information (including sort code and account number). The form will not submit the data to a database, so there is no storage of this information, but it will email the client with this information.

My question is, what are the security issues with emailing bank account information, and are there any accepted protocols / methods for maximising security?

Answers


Data security is vital for everybody dealing with payment data, because nothing is more important than keeping this kind of data as secure as possible. Bank account information definitely are to be dealt with highest care.

What are the security issues with emailing bank account information?

Well, everybody with access to this email (may it be the email provider or whoever is hacking into the SMTP traffic) can read the data. Therefore it is a big security issue, since you cannot control who has access to this. And you have even less control over what people do with this data.

Advice is not very easy to give here, this highly depends alot on what you have to code and which is the system enviroment, therefore my advice is only in a very general sense:

  • Don't send bank information data via email.
  • Use highly encrypted methods (SSL/HTTPS).
  • Always have control over who has access to this kind of data.
  • Ask questions, like: If you don't want to store the data, to what purpose do you want to send it via email?

This list can go on and on.

There are some very extensive standards out there. For this kind of data, I recommend following the advices given in PCI DSS. Its main purpose is protecting card data, but its recommendations are also applicable to other topics.


Need Your Help

scriptaculous: onmouseover /onmouseout for several ids and flickering problem

javascript function scriptaculous onmouseover onmouseout

Hi so basically what I want to do is to have the same event happen to different images and only write the code line one time in a .js file. This should be very basic but I can't find any easy guide.

How to remove quotes in TCL string by using 'string map'

csv tcl double-quotes

I am really stuck with this problem for some hours now. I am writing the output of my TCL script to a .csv file. Theoretically it should have 130 lines, but it stops afther line 117, where the first

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.