How to Encrypt Credit Card Information in an SQL Database

By Cristina Puno, eHow Contributor
X
Cristina Puno

Cristina Puno started writing in 2007 as a freelance web content manager and technical writer. She writes regularly for several online publications, including her own music website, The Indie Music Database. Puno holds a Master of Science in information management from Ateneo de Manila University.

View my portfolio

Found This Helpful
How to Encrypt Credit Card Information in an SQL Database thumbnail
Many online sites offer payment via credit cards.

On e-commerce sites, one of the many features included for shoppers is the ability to store credit card information for faster checkout. Since credit card information is sensitive, it is not recommended to simply store the number on the site's online database, as it poses a great security risk in case hackers take over. To add security, encrypting sensitive information is a good practice. This involves storing credit card numbers in an encrypted form, to make it less easy for anyone to know the exact credit card number stored in the database.

Things You'll Need

  • SQL database
  • Web server

Instructions

    • 1

      Create an input form that accepts credit card number submissions using Notepad. Add text fields for data that you wish to collect such as credit card number, credit card type and the name of the cardholder. Set the action of the <form> tag to a file that contains the programming script that handles this information and save it in your SQL database.

    • 2

      Produce a programming script. Open a new file on Notepad and first create a script to connect to the SQL database. The script depends on the programming language used as well as the kind of database used. Common programming language and database combinations are PHP for MySQL databases and ASP.net for MS SQL Server databases.

    • 3

      Add a script to grab the submitted data on the forms. In the script, create variables to store the data to be used later when saving the information to the database.

    • 4

      Design a script to encrypt the credit card information. Using an encryption algorithm of your choice, create a routine that converts the information into encrypted data. Programming languages such as PHP have built in functions that can encrypt. An example is the base 64 encryption function that can be used by invoking the following code:

      base64_encode($credit_card_number);

      Save this encrypted data in a separate variable.

    • 5

      Add a script to save the information in your database. Use an SQL statement to code the variables to store the data grabbed from the form, as well as the variables that hold the encrypted credit card information and insert this data into the database. The following is an example of an SQL statement that inserts new data:

      INSERT INTO Clients (CardHolder, Cardtype, CardNumber)
      VALUES ('$name', '$type', '$encryptednumber')");

      In the SQL statement above, $name, $type, $encryptednumber represent the variables.

    • 6

      Save the your programming script file. Upload the HTML form and the script file onto your Web server.

    • 7

      Access the form on your browser and use it to store credit card numbers in an encrypted form in the SQL database.

Related Searches

References

Resources

  • Photo Credit Scott Quinn Photography/Brand X Pictures/Getty Images

You May Also Like

Related Ads

Featured
View Mobile Site

Sign up for eHow

Log in with Social

Ask questions, find answers and discuss ideas with eHow's helpful community

or Sign up with Email

OR

By signing up or using the eHow services you agree to the eHow Terms of Use and Privacy Policy

Reset Your Password

Password Reset Email Sent

Check your email for instructions to reset your password.

M