Here is the model we are using to store the CC details how secure

Question

0

Asked: May 14, 20262026-05-14T02:24:28+00:00 2026-05-14T02:24:28+00:00

Here is the model we are using to store the CC details how secure

0

Here is the model we are using to store the CC details how secure does this look?

All our information is encrypted using public key encryption and the keypair is user dependent (its generated on the server and the private key is symmetric encrypted using the users password which is also Hashed on the database) So basically on first run the user sends in his password via a SSL connection and the password is used with the addition of salt to generate an MD5 hash, also the password is used to encrypt the private key and the private key is stored on the server. When the user wants to make a payment, he sends his password. The password decrypts the private key, and the private key decrypts the CC details and the CC details are charged.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-14T02:24:29+00:00

Editorial Team

2026-05-14T02:24:29+00:00Added an answer on May 14, 2026 at 2:24 am

If the user’s password is secure enough to protect the private key, why not skip the private key and use password (via a suitable key derivation algorithm) to encrypt the credit card number? Unnecessary complications definitely do not improve security.

This scheme doesn’t use the public key for anything, indicating that an asymmetric algorithm is out of place here.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Here is the model we are using to store the CC details how secure

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply