Solved

Encrypting a credit card number for database storage in c#

Posted on 2004-09-25
3
1,554 Views
Last Modified: 2010-05-18
I want to encrypt credit card numbers I get from web surfers for storage in my sql server with c# and asp.net.

Where should I store the key? How should the system access the key when it wants to decrypt a number from a return visitor? If the key is stored in the database or web.config wouldn't that make for a not so secure system?
0
Comment
Question by:sethUSer420
3 Comments
 
LVL 22

Expert Comment

by:cookre
ID: 12151814
A simple way around that problem is to use a string (or portion thereof) already embedded in the code as the key.  Don't make a special key string, just use an error message, window title, or some such.  Anyone looking at plaintext strings in the executable won't give such strings a second thought.

Now, if they're willing and able to reverse engineer the executable, well, you'd be hard pressed to protect against that anyway.
0
 
LVL 3

Accepted Solution

by:
mAjKoL earned 500 total points
ID: 12152339
It is not very secure to include your key in the code. It should be extracted and used at runtime.
Read this:
http://msdn.microsoft.com/msdnmag/issues/03/11/ProtectYourData/default.aspx

HTH
0
 
LVL 2

Expert Comment

by:fulp02
ID: 12154220
Another Simple fix is if your customers are going to have accounts with you Use the users passwords
to encrypt the credit card number and experation date and CVV2 card code then when the returning
customers come back the key will be their password. That way the only people that can get their credit
card are them ! and you of course as long as you know their password .

Good luck with it man sounds very interesting let me know what happens
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Linq Help 1 35
C# HTTP GET method sample code 3 39
C# Single Form 8 26
Help with C#, MVC, razor. 6 21
Introduction Hi all and welcome to my first article on Experts Exchange. A while ago, someone asked me if i could do some tutorials on object oriented programming. I decided to do them on C#. Now you may ask me, why's that? Well, one of the re…
Performance in games development is paramount: every microsecond counts to be able to do everything in less than 33ms (aiming at 16ms). C# foreach statement is one of the worst performance killers, and here I explain why.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now