Ask a Question related to ASP.NET Security, Design and Development.
-
Samir A. Mamude #1
Store credit card info with Security
Hello,
How is the best solution to store the credit cardīs info in ASP.NET for
E-commerce site?
What kind of cryptography methods, manipulted with xml, that I could use???
I Look in many sites, but I couldīt find any help
Thx!
Samir
Samir A. Mamude Guest
-
Sending Secure Data (Credit Card info) through PDF email attachments?
Does anyone know if data input INTO a pdf form (with editable fields) can be sent via email (as an attachment) SECURELY? Is this info out there for... -
From validation? [ credit card ]
I want to have a form in my director movie where the user enters their credit card details. Does anyone know how I can validate the number to see... -
Credit card security question
Hi all, I need some advice although it's not scrictly PHP related. What is the prefered method to get credit cards off a web server in an online... -
[PHP] Credit card/Debit card validation
I have a mod10 validation script written in another scripting language. I could try to convert it if you would like but I am sure that someone has... -
Credit card/Debit card validation
Does anyone know of a PHP routine to validate Credit/Debit cards? I've seen some convoluted Javascript scripts but want a PHP version so validation... -
Alek Davis #2 Re: Store credit card info with Security
Samir,
The most secure option would be not to store credit card numbers. Any other
option will provide an invitation to hackers, law suites, embarrassment,
etc., so you should really think twice and consider whether the benefits
outweigh the risks. Anyway, if there is a valid business need to store
credit card info, you should encrypt it (unfortunately, you cannot use
hashing because you will need to get the original plain text values).
Encryption is no big deal here: there are tons of examples on the Web. The
main problem you will need to solve is protection of encryption key, and
there is not silver bullet here. Whether you use a public-private key or
symmetric key, you will need to do something to protect it and it ain't
easy. Depending on the type of your environment, support model, application
requirements, and a number of other factors, you must pick the most secure
option, which suites your needs. I would suggest checking the "Protect It:
Safeguard Database Connection Strings and Other Sensitive Settings in Your
Code" article
([url]http://msdn.microsoft.com/msdnmag/issues/03/11/ProtectYourData/[/url]), which
offers some suggestions, but don't expect it (or anyone else who is not
closely familiar with your application) to give you detailed instructions. I
assume that you also realize that all transactions should be done over SSL
(HTTPS).
Alek
"Samir A. Mamude" <mamude@terra.com.br> wrote in message
news:efcgO0Y1DHA.3416@tk2msftngp13.phx.gbl...use???> Hello,
>
> How is the best solution to store the credit cardīs info in ASP.NET for
> E-commerce site?
> What kind of cryptography methods, manipulted with xml, that I could> I Look in many sites, but I couldīt find any help
>
> Thx!
>
> Samir
>
>
Alek Davis Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
