<div>
Apparently there are issues with character arrays getting swapped to disk - but no one else answered so you can have the points.
</div>


Apparently there are issues with character arrays getting swapped to disk - but no one else answered so you can have the points.

<div>
<div class="content wysiwyg-content">
If I just encrypt a string with a credit card number, the old unencrypted one is still hanging around for a bit until it’s garbage collected. The encryption is written to a new copy. The same issue arises if we try to overwrite the old string when done with it, i.e. the original string becomes unreferenced and new string is created for the overwrite. <br />
<br />
I did wonder about SecureString but this discussion seems to identify issues with it:<br />
<a href="http://stackoverflow.com/questions/27973858/c-sharp-and-removing-sensitive-data-and-all-garbage-collection-copies-from-memor" rel="ugc">http://stackoverflow.com/questions/27973858/c-sharp-and-removing-sensitive-data-and-all-garbage-collection-copies-from-memor</a>&nbsp;<br />
<br />
What is the recommended way of holding credit card details in C#?
</div>
</div>


If I just encrypt a string with a credit card number, the old unencrypted one is still hanging around for a bit until it’s garbage collected. The encryption is written to a new copy. The same issue arises if we try to overwrite the old string when done with it, i.e. the original string becomes unreferenced and new string is created for the overwrite. 

I did wonder about SecureString but this discussion seems to identify issues with it:
http://stackoverflow.com/questions/27973858/c-sharp-and-removing-sensitive-data-and-all-garbage-collection-copies-from-memor 

What is the recommended way of holding credit card details in C#?

What is the recommended C# DataType for holding credit card information?

C# is an object-oriented programming language created in conjunction with Microsoft’s .NET framework. Compilation is usually done into the Microsoft Intermediate Language (MSIL), which is then JIT-compiled to native code (and cached) during execution in the Common Language Runtime (CLR).

The .NET Framework is not specific to any one programming language; rather, it includes a library of functions that allows developers to rapidly build applications. Several supported languages include C#, VB.NET, C++ or ASP.NET.