将加密的信用卡号存储在SQL数据库中
我想知道最好的方法是在 C#(.net框架)的SQL数据库中存储加密的信用卡号。我应该使用某种对称加密使用 String / SecureString / Byte Array 手动执行?
I was wondering what the best approach is to store encrypted credit card numbers in a SQL database for C# (.net framework). Should I do it manually by using String/SecureString/Byte Array with some sort of symmetric encryption?
我听说有一个替代方案(可能是更简单的选择),一个服务提供商(你把这个交易交给你)会给你可用于检索交易信息的键。我不知道该怎么做,但这是更好的选择吗?我想要最安全和最安全的选项。我想要符合 PCI兼容。
I heard that for an alternative (and probably the easier option), a service provider (which you place the transaction with) will give you a key that can be used to retrieve transaction information. I don't know how to go about this approach, but is this the better option? I want the most safest and most secure option. I want to be PCI compliant as well.
更新:在写这个答案的三年中,我已经学到了更多有关PCI的信息,并且发布了一个新的规范。虽然以下信息不是错误,但步骤1可让您进入 PCI范围在D for Merchants级别,其中是最繁重的
Update: In the three years since I wrote this answer, I've learned more about PCI, and a newer spec has been released. While the information below is not wrong, step 1 puts you in PCI scope at the "D for Merchants" level, which is the most onerous.
更好的处理方法是自己不要触摸卡片数据。您可以使用由处理器提供的表单向其发送数据,或者您只是重定向到它们(如使用PayPal)。这两个选项都可以让您进入A或A-EP级别,这更容易
The better way to handle this is to not touch the card data yourself. Either you use a form provided by your processor which sends them the data, or you just redirect to them (like with PayPal). Both options can put you at the "A" or "A-EP" levels, which are much easier to certify.
无论哪种方式,您仍然会收到一个令牌,这是可以安全存储的,所以步骤3和4仍然适用。
Either way, you would still receive a token, which is safe to store, so steps 3 and 4 are still applicable.
原始答案
我听说,对于一个替代方案(可能更简单的选择),一个服务提供商(你把这个交易放在一起)会给你一个钥匙,可以用来检索交易信息。
I heard that for an alternative (and probably the easier option), a service provider (which you place the transaction with) will give you a key that can be used to retrieve transaction information.
这是真的。基本上,过程是:
This is true. Basically, the process is:
- 从客户/用户处获取信用卡信息。存储在代码变量(即不是文件,日志或数据库)中。
- 向您的处理器发送信用卡信息(如授权.NET,Payware,PayPal等)。
- 接收包含某种令牌的响应。这是您识别此特定事务以便将来与处理器通信的方式。
- 将令牌存储到数据库中。加密是很好的,但不是必需的,因为令牌简单地引用事务#12345,并且本身没有敏感信息。
- Get credit card information from customer / user. Store in in-code variable (i.e. not a file, or a log, or a database).
- Send credit card information to your processor (such as Authorize.NET, Payware, Paypal, etc).
- Receive a response which includes a "token" of some sort. This is the way you identify this particular transaction for future communications with the processor.
- Store the token into your database. Encryption would be nice, but not necessary, since the token simply refers to "Transaction #12345", and has no sensitive information by itself.