I have to store credit card information in my database. this should be encrypted.
It is ok to encrypt this with expo crypto lib ?
Related
Each user of our system uses an X509 certificate to sign documents or approve documents.
We issue certificates by ourselves and send them to users in form of a PKCS12 file. It works perfectly so far.
Now, we want to distribute our certificates in a USB Token like other Certificate Authorities do.
Can we make tokens by ourselves using .NET code? If not, which software is used for making such USB tokens?
USB Tokens are SmartCard in USB Drive with USB Connector fused into it. (Instead of Smartcard reader and USB Cable...!)
USB Tokens are cypto capable devices which stores user's private keys securely and public keys and Certificates may also be stored in it (but has limited storage space)
Any Government approved Certifying Authority or Self (Internal) Certifying Authority can enroll and issue certificates in USB Token.
Suggest you to buy any FIPS Certified USB Tokens or Smartcard available in your market.
Please refer to my posts about USB Token and APIs available for Certifying Authority:
https://security.stackexchange.com/a/252698/206413
https://stackoverflow.com/a/68556286/9659885
API available for Developers:
https://stackoverflow.com/a/63173083/9659885
I've evaluated a solution called EIDVirtual to create a smartcard from a regular USB. It's from mysmartlogon.com.
I works at my development environment. However I'm not sure is it straightforward for the end users or not. And the cost is needed to clarify as well. If each end user PC requires a license, then it is not feasible at all.
I created a key for Coinbase according to their instructions.
https://developers.coinbase.com/docs/wallet/api-key-authentication
However the secret they provide cannot be decoded. At first I thought it could be my code, but when I used the following website, they cannot decode the secret either. Is there another was to decode Base64?
https://devpal.co/base64-decode/
issue
Here is the secret that Coinbase provided in their sandbox environment. The key has since been deleted.
9LSLaXxMTY/ucSj9AvsCEobGqsJAnvPQbEBDSHmX+XyjGcbSvFzc2mXQCZjudLv36oxuZSM3U15yydyIWdVTVg==
I would like to know how can we encrypt using AES and Expo for react native.
The expo-crypto seems to be only providing hashing and no real encryption.
Is there a way to do this with Expo?
I want to secure api, used by react native app.
If authorisation header is sent user can read a request and access data so to avoid this I want to use SSL certificate for client and server.
Now if I place certificate in asests folder it will be accessible to the users whoever download the apk.
Is it possible for the user to get the client side certificate from asests. If yes how can it be avoided.
Going through the getting started guide for the Google Wallet API for digital goods, the need for an SSL certificate isn't mentioned. I searched around support articles and discussion boards and couldn't find any clear answer to this.
Is an SSL certificate required (or recommended) on a page that implements a 'buy' button to protect the credit card information entered by the user in the popup window, or is it unnecessary because that information is being sent to a secure Google domain?
You answered your own question :-)
The Google Walet for digital goods transaction takes place in a secure popup on a Google domain. You can use a debugger (e.g. Firebug) to watch the network traffic (and see that it is HTTPS).