Credit card encryption

Hi everyone,

I’m creating an app in node.js for a job interview take-home challenge.
The app is a booking app that sends info to a database (I’m using Mongo).
I have to store the credit card number in a safe way.
What do you recommend to do this? It is unlikely that anyone will use it with a real credit card number, but I want to do it as well as possible since it’s for a job and it’s a fintech company so they’ll probably check (they made a note about storing it safely in the instructions).

Thanks in advance!

crypto for node.js

Perfect! Thanks so much!!

You should Google the PCI compliance requirements for your country as well. This might not be just a technical challenge, they may want to see how aware you are of your legal obligations when handling customer credit card data. Even if you don’t build a fully PCI compliant credit card payment system, as a Fin Tech candidate they probably want you to be aware of the shortcomings of hashing credit card data and storing it.

This is what I was thinking too. In real life, I would use a third party service, but since this is a mock program, it doesn’t make sense to do so since I’m not making any payments (the stored info is credit card number and stuff about the booking: type, number of people, etc, no names).
What do you suggest?
Thank you!

1 Like