1

I want to send credit card number through post method but the credit card number should be in encrypted form. How to encrypt it?

My code is:

NSString *fName = firstName.text;
NSString *lName = lastName.text;
NSString *phone = phoneNumber.text;
NSString *emailid = email.text;
NSString *cardNumber = creditCardNumber.text;
NSString *ID = particularEventPaidId;
NSString *postData = [NSString stringWithFormat:@"id=%@&firstname=%@&lastname=%@&phone=%@&email=%@&creditcard=%@",ID,fName,lName,phone,emailid,cardNumber];
NSString *postLength = [NSString stringWithFormat:@"%d", [postData length]];
NSLog(@"postLength is: %@",postLength);

NSURL *url = [NSURL URLWithString:@"http://cfcdi.org/eassociation/web-service/event-register.php"];
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url];
[request setHTTPMethod:@"POST"];
NSData *requestBody = [postData dataUsingEncoding:NSUTF8StringEncoding allowLossyConversion:YES];
[request setValue:postLength forHTTPHeaderField:@"Content-Length"];
[request setHTTPBody:requestBody];
[request setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"content-type"];
NSURLResponse *response;
NSError *requestError;
[NSURLConnection sendSynchronousRequest:request returningResponse:&response error:&requestError];

if(requestError==nil)
    NSLog(@"Error is nil");
else
    NSLog(@"Error is not nil");
NSLog(@"success!");

In above I want to send credit card number in encrypted form.

halfer
  • 19,824
  • 17
  • 99
  • 186
pinku
  • 57
  • 2
  • 10
  • 3
    If you have to ask, do something else; http://stackoverflow.com/questions/805324/what-options-are-available-to-accept-credit-card-payments-through-an-iphone - doing this has non trivial pa-dss/pci-dss implications – Alex K. Apr 28 '11 at 13:07
  • Agreed, avoid the headache, you will have to worry about supplying documentation to apple about the encryption, you will be responsible for the security of the credit card information which can lead to serious legal problems if you are ever hacked. Stick with the big guys who are already doing it. – Joe Apr 28 '11 at 13:13
  • 1
    I agree with Alex and Joe: If you have to ask this basic question about encryption you're not ready to deal with the complexity involved with credit cards. It's a rough world out there, just ask Sony. – Claus Broch Apr 28 '11 at 13:29
  • This is too broad for a Stack Overflow question, so I will cast a close vote on it. – halfer Jun 17 '19 at 19:41

1 Answers1

0
  1. Make sure you use a secure server when you prepare to launch your application (https://)
  2. Look at some AES encryption examples and Apples CryptoExercise.

Apple's CryptoExercise

AES Encryption for an NSString on the iPhone

halfer
  • 19,824
  • 17
  • 99
  • 186
Joe
  • 56,979
  • 9
  • 128
  • 135