我应该在哪里存储Android中的信用卡号码?
[英]Where should I store credit card numbers in Android?
问题描述
I have an application and the customer needs the app to store the user's credit card details. 
我有一个应用程序,客户需要该应用程序来存储用户的信用卡详细信息。
Where should I store it? 我应该在哪里存放?
2 个解决方案
解决方案1
8 已采纳 2015-02-08 22:08:20
Use a payment gateway that supports tokenization, and store the token instead of the actual card info. 使用支持标记化的支付网关,并存储令牌而不是实际的卡信息。 If you must store the card info, store it in a SharedPreferences file, encrypted with a PIN that the user must enter for every transaction. 如果您必须存储卡信息,请将其存储在SharedPreferences文件中,该文件使用用户必须为每笔交易输入的PIN加密。 Do not store the PIN anywhere; 不要将PIN存储在任何地方; attempt to decrypt the card info as needed using the PIN supplied by the user. 尝试使用用户提供的PIN根据需要解密卡信息。
The PCI standard expressly forbids storing the CVV in any manner, so all transactions will have to be run as card-not-present. PCI标准明确禁止以任何方式存储CVV,因此所有交易都必须以卡不存在的方式运行。 (Another advantage of tokenization: you may be able to get card-present rates.) (标记化的另一个优点是:您可以获得卡片存在费率。)
解决方案2
5 2015-02-08 23:20:25
Never store sensitive information on the device, even if it is encrypted! 切勿将敏感信息存储在设备上,即使它已加密! Its a child's play to peek into shared preferences if the device is rooted. 如果设备已植根,它可以让孩子看到共享偏好。
Either use a payment gateway or send the data to the server after encryption for storage. 在加密存储后使用支付网关或将数据发送到服务器。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.