----------------------------------------------------------- New Message on BDOTNET
----------------------------------------------------------- From: kgaurav4u Message 1 in Discussion Hi I need to store the credit card information in my database. I have been looking for some third party tools which could provide encryption for credit card numbers. The help I needed is: a) What was the most secure encryption tool that can be used to store credit card information? b) Any tool which implements AES and does not expect a private key to be supplied as shown in the sample application provided by Microsoft. But in this case customize tool needs to be provided as anybody can buy the tool and decrypt the information. c) What is the best way to secure a private key used by the algorithm like storing in RAM, registry, isolated storage etc? And how to implement it. d) If some code implementation, which allows encrypting securely is available. The client is ready to invest in Third Party Tool. I short listed two third party .Net components for encryption: Chilkat Software (http://www.chilkatsoft.com/dotNetCrypt.asp) ezCrypto .NET (http://www.componentsource.com/Catalog.asp?fl=A200&gf=+BUSFUNCDATAPC&gd=Encryption&bc=A100~A200~BUSFUNCDATAPC&sc=CS&PO=514745&option=10444&RC=FCSR&POS=1&bhcp=1 ) Both the above are c# implemented tools and implement AES algorithm. But the problem is both ask for private key to be supplied. And I need to store the private key in a secure manner. The work round I decided was to use the dll provided by the tool. Write some login to generate dynamically private key for each of the registered users based on his profile. Store this logic in a dll and some how secure this logic, so that no body is able to access it. But how to secure the logic is a concern, as dll can also be hacked to view its contents. One option I was looking at was to use isolated storage as provided by .Net. But I�m not sure can we store and access a dll using isolated storage. It would be great if somebody can help me with the above problem. Regards Gaurav ----------------------------------------------------------- To stop getting this e-mail, or change how often it arrives, go to your E-mail Settings. http://groups.msn.com/BDotNet/_emailsettings.msnw Need help? If you've forgotten your password, please go to Passport Member Services. http://groups.msn.com/_passportredir.msnw?ppmprop=help For other questions or feedback, go to our Contact Us page. http://groups.msn.com/contact If you do not want to receive future e-mail from this MSN group, or if you received this message by mistake, please click the "Remove" link below. On the pre-addressed e-mail message that opens, simply click "Send". Your e-mail address will be deleted from this group's mailing list. mailto:[EMAIL PROTECTED]
