<div>
<div class="content wysiwyg-content">
I have some sample code on my aspx page. &nbsp;A text box for a user to enter a credit card and a button which will take the text and store it (encrypted) in a database.<br />
<br />
&lt;asp:Button id=&quot;btnstore&quot; runat=&quot;server&quot; Text=&quot;store&quot; OnClick=&quot;btnstore_click&quot; /&gt;<br />
&lt;asp:TextBox ID=&quot;txtCredit&quot; runat=&quot;server&quot;&gt;&lt;/asp:TextB<wbr />ox&gt;<br />
<br />
My question is this. &nbsp; Is there anything special I need to do from the time the button click happens, to the time I encrypt the text and store in in the database? &nbsp; If I use Fiddler on my localhost website while I'm testing this, I can see the clear text credit card in the viewstate while the button click happens. &nbsp; &nbsp; The website will eventually be hosted on an HTTPS site. &nbsp; Is this something that I need to worry about (i.e. sniffing the website)?<br />
<br />
Thanks.
</div>
</div>


I have some sample code on my aspx page.  A text box for a user to enter a credit card and a button which will take the text and store it (encrypted) in a database.

<asp:Button id="btnstore" runat="server" Text="store" OnClick="btnstore_click" />
<asp:TextBox ID="txtCredit" runat="server"></asp:TextBox>

My question is this.   Is there anything special I need to do from the time the button click happens, to the time I encrypt the text and store in in the database?   If I use Fiddler on my localhost website while I'm testing this, I can see the clear text credit card in the viewstate while the button click happens.     The website will eventually be hosted on an HTTPS site.   Is this something that I need to worry about (i.e. sniffing the website)?

Thanks.

Best practice to accept credit card in asp.net form

The successor to Active Server Pages, ASP.NET websites utilize the .NET framework to produce dynamic, data and content-driven web applications and services. ASP.NET code can be written using any .NET supported language. As of 2009, ASP.NET can also apply the Model-View-Controller (MVC) pattern to web applications

ASP.NET

HTTPS is a protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). The main motivation for HTTPS is authentication of the visited website and to protect the privacy and integrity of the exchanged data. HTTPS is widely used for protecting page authenticity on all types of websites, securing accounts and keeping user communications, identity and web browsing private.

SSL / HTTPS

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

The .NET Framework is not specific to any one programming language; rather, it includes a library of functions that allows developers to rapidly build applications. Several supported languages include C#, VB.NET, C++ or ASP.NET.

.NET Programming

Web applications are systems that run in browsers that perform functions normally associated with other client-based programs. One of the most commonly used web applications is email; instead of downloading individual emails to a local machine, the data is shown through a website. Other examples of web applications are collaborative systems like a wiki or an online game.