Sign in to follow this  
CrashStar

Programming a safe web application

Recommended Posts

CrashStar    127
I was wondering, what is the best programming language choice for programming a web application that will deal with virtual money accounts? So for instance, take those online poker rooms for example. You pay 100 $ and get 100$ on your account, but that is of course "virtual" money, which you can change for real money any time. So if I would build an web(browser based) application which deals with that, how can I make it "safe enough", so noone can raise it's virtual money on any way, or manipulate application parameters to get more money? Which is the way to do that? Which programming language can I use? What should I be careful about? Guide me in the right direction please.

Share this post


Link to post
Share on other sites
Antheus    2409
Quote:
Original post by CrashStar
What should I be careful about?


The Law:
- gambling regulations in the country where your company will be registered in
- same for the country where you will be hosting your servers
- laws of countries of your player's place of residence

The taxes:
- again, company, hosting and player's country's tax regulations

Fraud prevention:
- Use of such online services for money laundering and tax evasion
- Credit card fraud

Unlike many other aspects, gambling and real money are covered by real world regulation, so get a lawyer.

After you clear all of those issues, you can start worrying about actually implementing such a system.

Quote:
Guide me in the right direction please.


Hire a company that has developed similar systems, or is experienced in dealing with banking and financial applications. Seriously, as soon as you start handling real money, things get incredibly dirty.

Share this post


Link to post
Share on other sites
Decrius    100
I think safety is more up to you then the language...PHP will do, or ASP if you love MS.

Also, you might want to look for other DB's then MySQL...PostgreSQL or Oracle.

Share this post


Link to post
Share on other sites
Nitage    1107
The most important - and always applicable - rule for developing safe web applications is to assume that your server side code will be acccessed by a client that is mallicious and that you have no control over; because this is the case if someone is trying to hack your site.

So forget about the client side. It isn't secure because it can't be secure. The server side is where all your security must happen. Which language you use isn't important - it's possible to write insecure code in any language. What you need to do is to read up on, and understand, the different types of attack that are common - SQL injection, cross site scripting etc.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this