 Posted - 02/11/2018 : 22:34:26
I think that would require some intensive custom work.
Here is my take on the situation.
Big companies, let's take Home Depot here in the United States for example, store customer credit card data as a way to identify you.
This is how they track you when you do not give them your name or address at the checkout line.
The data they collect is very powerful because they have so much of it.
This left them in a position to get hacked and it happened.
It's the credit card data thieves want.
At my online store, we never store any credit card data. Payment data passes right by us and we never see the full card number, much less store it.
Even when a customer owes additional funds, we do a reference transaction or have the customer initiate a new payment. Never taking a card number over the phone.
The only information a hacker could get is names addresses and email addresses. And I guess the products customers ordered.
None of this is really going to help a hacker harm one of our clients.
Personally, I think it's great that you are concerned, but I would not go as far as to encrypt all data in the database.
What I would do if I were you, and this is what I do, is follow best practices.
Do not store or ever write down clients c/c info.
Put your entire site under SSL
Maintain strong passwords everywhere. - Email accounts, hosting, database - all different passwords too.
ECT here, has some great tips throughout the site and forum to help you maintain these best practices.
Edited by - dbdave on 02/11/2018 22:35:04
| 
Encrypting Customer Data