Non-encrypted confidential information - Credit Cards
Need
Secure encryption and masking of credit card information
Context
- Usage of Scala for building scalable and high-performance applications
- Usage of play.api.mvc for handling HTTP requests and responses in Play Framework
Description
Non compliant code
import play.api.mvc._
object Application extends Controller {
def submitPayment = Action { request =>
val cardNumber = request.body.asFormUrlEncoded.get("cardNumber").head
val expiryDate = request.body.asFormUrlEncoded.get("expiryDate").head
val cvv = request.body.asFormUrlEncoded.get("cvv").head
// Process payment with the card details
processPayment(cardNumber, expiryDate, cvv)
Ok("Payment processed")
}
def processPayment(cardNumber: String, expiryDate: String, cvv: String) = {
// Payment processing code here
}
}
The above code is handling payment card information in a non-secure way which is a violation of the PCI DSS standard.
The submitPayment method retrieves credit card details (card number, expiry date, and CVV) from the request body without any encryption or masking. These sensitive details are then passed to processPayment method as plain text.
This represents a serious security vulnerability as the credit card information could be intercepted during transmission or logged in server logs. If an attacker gains access to these logs or the transmission data, they can steal the credit card details.
The risk is further exacerbated if the server is compromised, as the attacker would have access to the unencrypted credit card information directly from the server memory or storage.
The code should be revised to encrypt sensitive information at both the user end and the server end. This could be achieved by implementing HTTPS for secure communication and using encryption algorithms such as AES for data encryption.
Steps
- Implement encryption for sensitive information such as credit card details.
- Use a secure encryption algorithm to encrypt the credit card details.
- Ensure that the encryption keys are securely stored and managed.
- Implement secure transmission of the encrypted credit card details between the user and the server.
- Use HTTPS protocol to ensure secure communication between the client and the server.
- Implement secure storage of the encrypted credit card details on the server.
- Follow PCI DSS standards and guidelines for handling and storing sensitive payment card information.
- Regularly update and patch the server and framework to address any security vulnerabilities.
- Implement strong access controls and authentication mechanisms to protect the encrypted credit card details.
- Regularly monitor and log access to the credit card details to detect any unauthorized access or suspicious activities.
Compliant code
import play.api.libs.crypto._
import play.api.mvc._
import javax.inject.Inject
class Application @Inject() (val cc: ControllerComponents, val crypto: CSRFTokenSigner) extends AbstractController(cc) {
def submitPayment = Action { request =>
val cardNumber = request.body.asFormUrlEncoded.get("cardNumber").head
val expiryDate = request.body.asFormUrlEncoded.get("expiryDate").head
val cvv = request.body.asFormUrlEncoded.get("cvv").head
// Encrypt the card details
val encryptedCardNumber = crypto.sign(cardNumber)
val encryptedExpiryDate = crypto.sign(expiryDate)
val encryptedCvv = crypto.sign(cvv)
// Process payment with the encrypted card details
processPayment(encryptedCardNumber, encryptedExpiryDate, encryptedCvv)
Ok("Payment processed")
}
def processPayment(cardNumber: String, expiryDate: String, cvv: String) = {
// Payment processing code here
}
}
The updated code now includes encryption for sensitive credit card information. The Play framework's CSRFTokenSigner is used to encrypt the card number, expiry date, and CVV before they are processed for payment. This ensures that the sensitive information is not exposed in plain text, reducing the risk of it being intercepted or misused.
The CSRFTokenSigner is injected into the Application controller using dependency injection, which is a common practice in Play framework to ensure that components are loosely coupled and can be easily tested and replaced.
The encrypted card details are then passed to the processPayment method. This method should decrypt the card details before processing the payment. The decryption should be done in a secure manner, ensuring that the decryption keys are securely stored and managed.
In addition to encrypting the card details, it is also important to ensure secure transmission of these details between the user and the server. This can be achieved by using HTTPS protocol for communication between the client and the server.
The server should also implement secure storage of the encrypted card details, following PCI DSS standards and guidelines for handling and storing sensitive payment card information.
Regular updates and patches should be applied to the server and framework to address any security vulnerabilities. Strong access controls and authentication mechanisms should be implemented to protect the encrypted card details. Access to the card details should be regularly monitored and logged to detect any unauthorized access or suspicious activities.