More information about the Underscore mailing list

[_] Website form sending a secure email via third party?

Oliver Humpage oliver at watershed.co.uk
Tue Jul 13 11:18:43 BST 2010

On 13 Jul 2010, at 10:13, John Norsworthy wrote:

> Any ideas or recommendations on sending secure data (credit card
> details) via a third party? The function to pgp encrypt form data
> from our site is failing us right now and we need to take (send a
> secure email to the client) bookings for an event.

Obviously the message has to be encrypted before it leaves your  
server, so you'll have to do *some* PHP work.

Only GPG (or some such PKI tool) is going to provide the most complete  
security that comes from the server itself not having any key with  
which to decrypt the message. With any other non-PKI form of  
encryption, the server will have to store a plaintext key/password  
somewhere, so if someone manages to get into the server they might be  
able to get that key and decrypt your messages.

So if you can get GPG working, even by just encrypting the message  
body using shell commands like at http://devzone.zend.com/article/ 
1265 , that'd be best.

If you can't use GPG on the command line, and your PHP has mcrypt  
installed, just use functions like http://www.php.net/manual/en/mcrypt.examples.php 
  to encrypt your message before sending it. This would require some  
kind of decoder at the client end, though.

If none of the above are possible, another solution is to use the  
Gmail API (which works over SSL) to upload a message directly into an  
Inbox. You'll be storing the username/password to access the Inbox in  
your script, but since the API is SSL, and the gmail web interface is  
SSL, the data will remain encrypted when travelling over the internet.  
It still feels a bit wrong, though, and I'd say this is the least  
secure solution since your gmail account could be hacked.

Oliver.