q; Keeping Credit Card in the database

G

Guest

Keeping Credit Card in the database:
If I am going to keep credit card information in the database, what process
and procedure I need to pay attention so that I would not be in trouble
because of security in web application, database, and in the building that
the server is in. Any guidelines?
 
M

Michael Nemtsev

Hello JIM.H.,

Use SSL to have the postback encryption, encript session state and DB content

---
WBR, Michael Nemtsev [.NET/C# MVP].
My blog: http://spaces.live.com/laflour
Team blog: http://devkids.blogspot.com/

"The greatest danger for most of us is not that our aim is too high and we
miss it, but that it is too low and we reach it" (c) Michelangelo

J> Keeping Credit Card in the database:
J> If I am going to keep credit card information in the database, what
J> process
J> and procedure I need to pay attention so that I would not be in
J> trouble
J> because of security in web application, database, and in the building
J> that
J> the server is in. Any guidelines
 
T

Tim Payne

Some of this will depend on the applicable data laws in your country. For
example the UK data protection act states how long you're allowed/required
to keep data for and that sort of thing.

All transactions should be done over SSL, and the credit card details should
be encrypted in the database, preferably using a key with salt.

Regards,

Tim.
 
M

Mark Rae [MVP]

Some of this will depend on the applicable data laws in your country. For
example the UK data protection act states how long you're allowed/required
to keep data for and that sort of thing.

Very true. In addition, you need to be registered with the Information
Commissioner's Office before you can store certain types of data, especially
personal and financial data like this...
All transactions should be done over SSL, and the credit card details
should be encrypted in the database, preferably using a key with salt.

Yes, definitely.
 
R

Rad [Visual C# MVP]

Keeping Credit Card in the database:
If I am going to keep credit card information in the database, what process
and procedure I need to pay attention so that I would not be in trouble
because of security in web application, database, and in the building that
the server is in. Any guidelines?
You also need to look at database level encryption
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,920
Messages
2,570,038
Members
46,449
Latest member
onedumbsquirrel

Latest Threads

Top