Reputation: 419
I am looking to implement PCI compliance security for storing the CustomerID. I am encrypting the CustomerID stored in the DB. But when a customer makes a request to my web service, I will encrypt the CustomerID and pass it to the web service, and when the CustomerID reaches my web service, it should be decrypted. But right now I am storing the encryption key in web.config, i.e. not secure. Are there any better PCI compliance security measures I can use in C#? Any links for implementing PCI compliance security? Is a hardware security module an option?
Any suggestions and links appreciated.
Regards,
Supriya
Upvotes: 0
Views: 1599
Reputation: 11
First and foremost, what is customerID? If it is the customer's credit or debit card number, then PCI applies and it should be encrypted when stored with strong encryption and key management.
Upvotes: 1
Reputation: 19822
I suggest you have some research to do.
I'm not sure what a customerID is and why it needs to be encrypted. PCI deals with security standards around payment transactions.
https://www.pcisecuritystandards.org/index.php
You may be thinking about web application security. Lots of information from OWASP.
https://www.owasp.org/index.php/Main_Page
Upvotes: 2