Reputation: 45
What is the most secure way to post credit card information from my iPhone application to a Windows server?
My iOS app sells some goods, like dresses.
Upvotes: 2
Views: 1271
Reputation: 21
I completely agree with Shivam and Simons. Mostly we have all e-commerce sites hosted on "https", which allows users to freely put in their CC details and shop wherever they want to. Apart from this, if you are willing to surf around and shop through an application on your iOS phone, then I think you should considerably google for a VPN. It is one of the best and most reliable tools these days, which enables users not only to make e-commerce transactions through a secure channel but also protects users' data in all aspects. I think going for certificates won't be a good option, as it involves certain procedures and guidelines.
Upvotes: 1
Reputation: 26
Look Michael. There are the following ways through which you can post your credit card information from your iPhone application to a Windows server. First, you can use "https://" when you are posting your credit card information, because all of your information goes through a secured channel. The second option to post your credit card information from your iPhone app to a Windows server is to connect yourself with a VPN connection. I usually use a VPN connection when I want to secure my sensitive data. Currently I am using a PureVPN connection, which encrypts all of my sensitive information; all the information passes through a secured encrypted tunnel and no unauthorized person can access my sensitive information.
Upvotes: 1
Reputation: 7493
(IANA Credit card merchant, I only play one here after reading other SO questions)
If you are dealing with explicit credit card data then you should be PCI compliant across your whole system. See things like:
and
If you are automating this (i.e. buy a dress from your iPhone), the CC merchant that you are dealing with should have well-defined protocols for handling credit cards. You should be asking them how they want the data sent. My general understanding is that you do not retain anything and just pass it through to the company who does all the financial stuff for you and then just passes back a validation for the transaction.
Upvotes: 1
Reputation: 2232
If it is a web service that you connect to on your Windows server, you can make the server SSL-enabled and have the client (iPhone app) POST your data using the https link.
If this is some proprietary service using some proprietary protocol, you can consider using public key cryptography. Encrypt the data with a one-time AES key. Send the encrypted data. Encrypt the AES key with your public key and send it along. The server decrypts the symmetric AES key with your private key and thereafter decrypts the data!
I'd personally prefer the first option (SSL) over the second anytime!
Upvotes: 0
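The second option in the answer above (a one-time AES key wrapped with an RSA public key), as an added example that is not part of the original post, written against Node.js's built-in `crypto` module. It assumes the key pair belongs to the receiving server and picks AES-256-GCM and RSA-OAEP as the concrete algorithms; the function names and the sample payload are constructed for illustration.

```javascript
const crypto = require('node:crypto');

// Assumption: the receiving server owns this RSA key pair; the app ships only the public key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Client side: a fresh AES-256 key and nonce for every message, never reused.
function sealForServer(serverPublicKey, plaintext) {
  const aesKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', aesKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return {
    wrappedKey: crypto.publicEncrypt({ key: serverPublicKey, ...OAEP }, aesKey),
    iv,
    ciphertext,
    tag: cipher.getAuthTag(), // GCM tag lets the server detect modification
  };
}

// Server side: unwrap the AES key with the private key, then decrypt and verify the tag.
function openOnServer(serverPrivateKey, msg) {
  const aesKey = crypto.privateDecrypt({ key: serverPrivateKey, ...OAEP }, msg.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', aesKey, msg.iv);
  decipher.setAuthTag(msg.tag);
  // final() throws if the ciphertext or tag was altered in transit.
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]).toString('utf8');
}

// Returns true when a ciphertext with one flipped bit is rejected by the server side.
function rejectsTampering(serverPrivateKey, msg) {
  const tampered = { ...msg, ciphertext: Buffer.from(msg.ciphertext) };
  tampered.ciphertext[0] ^= 0x01;
  try {
    openOnServer(serverPrivateKey, tampered);
    return false;
  } catch {
    return true;
  }
}

// Constructed sample payload (a widely used test number, not real card data).
const SAMPLE = JSON.stringify({ pan: '4111111111111111', exp: '12/30' });
const sealed = sealForServer(publicKey, SAMPLE);
console.log(openOnServer(privateKey, sealed) === SAMPLE, rejectsTampering(privateKey, sealed));
```

This protects only the message body; unlike the SSL option it does not authenticate the server to the app or stop a captured message from being replayed.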