Storing credit card details

Posted by Andrew on Stack Overflow See other posts from Stack Overflow or by Andrew
Published on 2008-10-15T20:54:35Z Indexed on 2010/05/11 6:54 UTC
Read the original article Hit count: 342

Filed under:
|
|
|
|

I have a business requirement that forces me to store a customer's full credit card details (number, name, expiry date, CVV2) for a short period of time.

Rationale: If a customer calls to order a product and their credit card is declined on the spot you are likely to lose the sale. If you take their details, thank them for the transaction and then find that the card is declined, you can phone them back and they are more likely to find another way of paying for the product. If the credit card is accepted you clear the details from the order.

I cannot change this. The existing system stores the credit card details in clear text, and in the new system I am building to replace this I am clearly not going to replicate this!

My question, then, is how I can securely store a credit card for a short period of time. I obviously want some kind of encryption, but what's the best way to do this?

Environment: C#, WinForms, SQL-Server.

© Stack Overflow or respective owner

Related posts about c#

Related posts about .NET