I have a column in my database that stores a credit card number. After keeping it in the database for about two weeks, I want to be able to run a query to update all of the credit card entries and mask them – only showing the last four digits. So far I have been unsuccessful at finding a way to go about this – what if the credit card numbers vary in length? It would be better if I could mask the first 12 digits unless it starts with a 3, then mask only the first 11.
You have to restructure your handling of payment (credit) card data, and immediately. Otherwise, your company could lose the ability to process payment cards, and you’ll then probably get fired. And if these plain-text numbers get compromised by an unauthorized source …
First, you’ll want to encrypt your payment card names, numbers, and expiration dates. Then, you’ll want to take a database backup, put it on tape, and get it off-site. Then, purge all existing database backups, because these contain plain-text credit card numbers – a big no-no according to the Payment Card Industry.
The safest thing to do would be to store the four right-most digits in another encrypted column in your table. Then, you only need to select this field, and decrypt it on the client end (remember, you have to make sure payment card numbers are encrypted while going “over the wire” [a.k.a. your LAN or WAN or internet connection]). Display the number as “Account ending in ####” or something similar.
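The masking rule asked for in the question, as an added example that is not part of the original question or answer: because only the last four digits are kept, working from the length masks 12 digits of a 16-digit number and 11 of a 15-digit one. The `payments` table, its `card_number` and `created_at` columns and the SQLite dialect are assumptions; it covers only the masking step, not the encryption the answer describes.

```python
import sqlite3

# Constructed sample rows using published test card numbers, not real accounts.
SAMPLE_ROWS = [
    (1, "4111111111111111", "2024-01-01"),  # 16 digits, past retention
    (2, "378282246310005", "2024-01-02"),   # 15 digits, starts with 3
    (3, "5555555555554444", "2024-01-20"),  # 16 digits, still inside 14 days
]

# Keep the last four digits and star out everything before them. Working from
# the length covers both cases in the question: 16 digits -> 12 masked,
# 15 digits (leading 3) -> 11 masked. hex(zeroblob(n)) is n copies of '00'.
# Table and column names are assumptions made for this example.
MASK_SQL = """
UPDATE payments
   SET card_number = replace(hex(zeroblob(length(card_number) - 4)), '00', '*')
                     || substr(card_number, -4)
 WHERE created_at <= date(:today, '-14 days')
   AND length(card_number) > 4
   AND card_number NOT LIKE '*%'   -- skip rows an earlier run already masked
"""

def build_sample_db():
    """Create an in-memory database holding the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE payments (id INTEGER PRIMARY KEY, "
        "card_number TEXT NOT NULL, created_at TEXT NOT NULL)"
    )
    conn.executemany("INSERT INTO payments VALUES (?, ?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn

def mask_expired(conn, today):
    """Mask rows at least 14 days old; return how many rows changed."""
    with conn:  # one transaction: every eligible row is masked, or none
        return conn.execute(MASK_SQL, {"today": today}).rowcount

def card_numbers(conn):
    """Return the stored card_number values ordered by id."""
    rows = conn.execute("SELECT card_number FROM payments ORDER BY id")
    return [r[0] for r in rows]

if __name__ == "__main__":
    db = build_sample_db()
    print(mask_expired(db, "2024-01-21"), card_numbers(db))
```
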