MikeCausi
asked on
Best practice to accept credit card in asp.net form
I have some sample code on my aspx page. A text box for a user to enter a credit card and a button which will take the text and store it (encrypted) in a database.
<asp:Button id="btnstore" runat="server" Text="store" OnClick="btnstore_click" />
<asp:TextBox ID="txtCredit" runat="server"></asp:TextB ox>
My question is this. Is there anything special I need to do from the time the button click happens, to the time I encrypt the text and store in in the database? If I use Fiddler on my localhost website while I'm testing this, I can see the clear text credit card in the viewstate while the button click happens. The website will eventually be hosted on an HTTPS site. Is this something that I need to worry about (i.e. sniffing the website)?
Thanks.
<asp:Button id="btnstore" runat="server" Text="store" OnClick="btnstore_click" />
<asp:TextBox ID="txtCredit" runat="server"></asp:TextB
My question is this. Is there anything special I need to do from the time the button click happens, to the time I encrypt the text and store in in the database? If I use Fiddler on my localhost website while I'm testing this, I can see the clear text credit card in the viewstate while the button click happens. The website will eventually be hosted on an HTTPS site. Is this something that I need to worry about (i.e. sniffing the website)?
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER