Storing credit card details
Posted
by Andrew
on Stack Overflow
See other posts from Stack Overflow
or by Andrew
Published on 2008-10-15T20:54:35Z
Indexed on
2010/05/11
6:54 UTC
Read the original article
Hit count: 342
I have a business requirement that forces me to store a customer's full credit card details (number, name, expiry date, CVV2) for a short period of time.
Rationale: If a customer calls to order a product and their credit card is declined on the spot you are likely to lose the sale. If you take their details, thank them for the transaction and then find that the card is declined, you can phone them back and they are more likely to find another way of paying for the product. If the credit card is accepted you clear the details from the order.
I cannot change this. The existing system stores the credit card details in clear text, and in the new system I am building to replace this I am clearly not going to replicate this!
My question, then, is how I can securely store a credit card for a short period of time. I obviously want some kind of encryption, but what's the best way to do this?
Environment: C#, WinForms, SQL-Server.
© Stack Overflow or respective owner