使用swift通过http POST安全发送信用卡详细信息是否安全？

Question

The API that I'm using requires me to send Credit Card Details to complete payment through a HTTP POST request (through swift). Is this safe by any means? And moreover, how do I securely store credit card information for repeated payments?

The credit card holder's name, credit card number, cvc, and date of expiry are all sent over a POST request. Then, the API returns whether the payment was successful, and the last four digits of the credit card number.

Simply put, I'm not entirely familiar with payment security, and would like to know if this is safe, and moreover how to save payment information securely using swift, even if that's possible. I don't think I can use stripe for this process, but I would love to know if that's possible as well.

EDIT: I have confirmed that the API I'm using does in fact employ an HTTPS connection, and not simply a HTTP server. At this point, I know not to save credit card information locally and that I should retrieve it from a third party service before handling it. Thanks All!

Answer 1

Just append a 's' with your http then it's permissible. http is insecure as already mentioned by @t0mm13b. So it's not safe.

there is a Nice post .

Edited:

Don't be just happy that appending 's' is sufficient though. :)

Answer 2

Using Swift or any other programming language and sending sensitive information over HTTP is not secure as mentioned in the comments.

Instead you should use an HTTPS connection.

Answer 3

Sending any sensitive information over HTTP is not secure and not recommended. Most of the payment gate ways doesn't allow you to establish a session on HTTP. Even if you are using HTTPS usually sensitive information is encrypted and sometimes encoded on client end and server decrypts, decodes and processes it which inturn gives double security to the requests you make.