存储信用卡的详细信息 [英] Storing credit card details
问题描述
我有迫使我存储客户的充分的信用卡详细信息(号,姓名,有效期,CVV2)的时间很短周期的业务需求。
I have a business requirement that forces me to store a customer's full credit card details (number, name, expiry date, CVV2) for a short period of time.
理由:如果一个客户来电订购产品和其信用卡被拒绝,你可能会失去的销售点。如果你把他们的详细资料,感谢他们的事务,然后发现卡被拒绝,你可以给他们打电话回来,他们更容易找到支付该产品的另一种方式。如果信用卡被接受你的命令清除的细节。
Rationale: If a customer calls to order a product and their credit card is declined on the spot you are likely to lose the sale. If you take their details, thank them for the transaction and then find that the card is declined, you can phone them back and they are more likely to find another way of paying for the product. If the credit card is accepted you clear the details from the order.
我无法改变这一点。现有的系统存储的信用卡信息以明文形式,并在新的系统我建立替换这个我清楚的没有的要复制这个!
I cannot change this. The existing system stores the credit card details in clear text, and in the new system I am building to replace this I am clearly not going to replicate this!
我的问题,那么,我怎么能安全地存储信用卡的时间很短。我当然希望某种加密,但什么是做到这一点的最好方法是什么?
My question, then, is how I can securely store a credit card for a short period of time. I obviously want some kind of encryption, but what's the best way to do this?
环境:C#,的WinForms,SQL服务器
Environment: C#, WinForms, SQL-Server.
推荐答案
通过采取责任心,以节省您身边的CC细节一切手段基本上避免,不过,我可以假设你使用的是第三方服务,做您的交易,如贝宝/ Verisign或什么的,大部分都有的API,使您节省CC证书在他们的身边,他们给你回一键,你就可以使用以后完成或启动交易,所以他们最困难的部分照顾,而所有你需要做的就是保存这个字符串键在你的数据库。
Basically avoid by all means taking the responsiblity to save the CC details on your side, however I can assume you are using a thirdparty service to do your transaction such as PayPal/Verisign or whatever, most of them have API's that enables you to save CC credentials at their side, and they give you back a key that you can then use later to complete or initiate transactions, so they take care of the hard part, while all what you have to do is store this string key in your DB.
这篇关于存储信用卡的详细信息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
