Solved

Encrypting a credit card number for database storage in c#

Posted on 2004-09-25
3
1,567 Views
Last Modified: 2010-05-18
I want to encrypt credit card numbers I get from web surfers for storage in my sql server with c# and asp.net.

Where should I store the key? How should the system access the key when it wants to decrypt a number from a return visitor? If the key is stored in the database or web.config wouldn't that make for a not so secure system?
0
Comment
Question by:sethUSer420
3 Comments
 
LVL 22

Expert Comment

by:cookre
ID: 12151814
A simple way around that problem is to use a string (or portion thereof) already embedded in the code as the key.  Don't make a special key string, just use an error message, window title, or some such.  Anyone looking at plaintext strings in the executable won't give such strings a second thought.

Now, if they're willing and able to reverse engineer the executable, well, you'd be hard pressed to protect against that anyway.
0
 
LVL 3

Accepted Solution

by:
mAjKoL earned 500 total points
ID: 12152339
It is not very secure to include your key in the code. It should be extracted and used at runtime.
Read this:
http://msdn.microsoft.com/msdnmag/issues/03/11/ProtectYourData/default.aspx

HTH
0
 
LVL 2

Expert Comment

by:fulp02
ID: 12154220
Another Simple fix is if your customers are going to have accounts with you Use the users passwords
to encrypt the credit card number and experation date and CVV2 card code then when the returning
customers come back the key will be their password. That way the only people that can get their credit
card are them ! and you of course as long as you know their password .

Good luck with it man sounds very interesting let me know what happens
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
C#.NET and microsoft certification. 3 40
Video Player 11 23
EF5: Question about Metadata Artifact Processing 4 15
.NET 2008 VB and C# 6 27
This article is for Object-Oriented Programming (OOP) beginners. An Interface contains declarations of events, indexers, methods and/or properties. Any class which implements the Interface should provide the concrete implementation for each Inter…
Entity Framework is a powerful tool to help you interact with the DataBase but still doesn't help much when we have a Stored Procedure that returns more than one resultset. The solution takes some of out-of-the-box thinking; read on!
Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question