How should I deal with Privacy Concerns?

Discussion in 'privacy general' started by x942, Oct 21, 2011.

Thread Status:
Not open for further replies.
  1. x942

    x942 Guest

    In a few months I am hopping to launch a product. My issue is I am unsure how I should approach users with registration. I (we) will not be selling this in anyway and already have plans to store it in an encrypted database to prevent leaking if we are ever compromised.

    When you buy a product (like a TV, Computer, etc.) and you are required to register your product for the warranty. What information are you okay with giving? (i.e. name, number, etc.)


    Do you prefer supplying it up front or when you are about to claim the warranty?

    Any tips for this are more than welcome. I want to make sure we keep information private and don't ask for too much.
     
  2. Dezaxa

    Dezaxa Registered Member

    Joined:
    Sep 23, 2011
    Posts:
    6
    If you are just collecting basic information such as name, address, phone and email, then encryption is adequate protection. You should use a well-known and public encryption algorithm, such as AES or Twofish, and not try to write your own. You will also need some procedures around it, such as restricting administrator access to the database and the encryption keys. You will also need to write and publish a statement of privacy policy, stating what data you are collecting and for what purpose.

    If you are providing your users with a username/password for logging into your systems, then the passwords should be salted and hashed, again, using a well-known public algorithm. If you are planning to store credit card information, then you will need to comply with PCI regulations, which is a whole different game.

    Personally, I don't mind providing name and email as part of product registration; I'm somewhat less happy about address and phone, although if it is a substantial purchase, this would be OK.
     
  3. x942

    x942 Guest

    Thank you :thumb:

    Right now our servers are using a similar technique to how LastPass works.

    Username + password and Hashed with SHA256 = Encryption Key

    Encryption key + Username hashed with SHA256 = Authentication Token

    We never get your key. Your key is used to encrypt your name, addresss, Credit Card, etc. Decryption happens client side.

    Now unlike LastPass we need that info at some point (when processing the sale). What we do is establish an SSL (AES256) connection with the user. The client decrypts their data with their key, When they go to pay their info is encrypted with our public key we decrypt it, processes the order and never store it.

    The only place it is stored is in your "vault". As we never have the keys even if we are compromised that info can't be leaked on our end.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.