I have an application that will let users input their credit card information and store that information on the server side. Example: when they buy something, we will take the money from them automatically. Do you know how to protect/encrypt users' credit card information on the client and server side? Should we store users' credit card information on the database server? Or somewhere else?

Thank you.

Khoa Tran
  • Use public-key cryptography and always store it encrypted. – gabriwinter May 16 '16 at 09:55
  • Do you have any algorithm suggestion for me? What is the best algorithm to encrypt/decrypt credit card data? – Khoa Tran May 16 '16 at 09:57
  • It's simple: study security topics for a few years, research the credit card companies' requirements, learn about the laws and improve your coding skills. I think if you work hard, in 2-5 years you may be ready for such a task. Also don't forget to pay for an external security review of the result before you launch it. edit: please, don't do that. Also **nowadays the trend is to not store the full data, but only store a special token - it doesn't contain any card data, it's just a hash number issued by the credit card API to identify your store + customer, so further requests from your store will pass**. – Ped7g May 16 '16 at 10:16
  • *hint* There's an SDK available with PayPal.... – t0mm13b May 16 '16 at 11:06

1 Answer

Even before going down that route, think of security first and foremost.

Do not try to roll your own so-called-clever-hacks such as security by obscurity.

On the server side, there will be requirements set by the credit card providers that must be met, to verify that compliance tests have been passed.

Not to mention, there will be stringent compliance and regulations as well, all the way from the beginning of the project to the end, and these will carry over into support.

Do not attempt to store that sort of credit card information on the client side; that opens you up to legal ramifications: who will be responsible for the theft, the owner on the client side, or the actual business operating behind the server side?

Use the tried and tested security algorithms, employ SSL certs that conform to standards.

The question reeks of a lack of knowledge and of a scope for requirements which were not clearly researched or undertaken. It is quite noticeable that this is something the OP will clearly not be able to do on their own, and it would require third-party consultation and solutions to manage the task.

Asking for code to protect credit card information is, clearly, a warning sign, without any consideration for what is written above.

t0mm13b
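A sketch of the tokenization approach Ped7g's comment describes (hand the card to the processor, keep only its opaque token), added here as an example and not taken from the thread or from any real SDK. `HypotheticalProcessor` is a stand-in for a provider's tokenization API; `assert_no_pan` is a storage-boundary guard, also hypothetical, that refuses to persist anything that looks like a full card number.

```python
import re
import secrets
import string
from dataclasses import dataclass, asdict

def luhn_valid(number: str) -> bool:
    """Luhn checksum; used to sanity-check input and to spot leaked card numbers."""
    if not number.isdigit():
        return False
    digits = [int(c) for c in reversed(number)]
    total = sum(d if i % 2 == 0 else (d * 2 - 9 if d > 4 else d * 2) for i, d in enumerate(digits))
    return total % 10 == 0

def assert_no_pan(record: dict) -> None:
    """Guard at the storage boundary: refuse any field holding a full card number (13-19 digits)."""
    for key, value in record.items():
        for run in re.findall(r"\d{13,19}", re.sub(r"[ -]", "", str(value))):
            if luhn_valid(run):
                raise ValueError(f"field {key!r} contains a full card number")

@dataclass(frozen=True)
class StoredCard:
    token: str        # opaque reference issued by the processor
    brand: str
    last4: str
    exp_month: int
    exp_year: int     # no PAN and no CVC are ever part of this row

class HypotheticalProcessor:
    """Stand-in for a real payment-processor SDK; the card vault lives on their side, not ours."""
    def __init__(self) -> None:
        self._vault: dict = {}
    def tokenize(self, pan: str, exp_month: int, exp_year: int, cvc: str) -> str:
        token = "tok_" + "".join(secrets.choice(string.ascii_letters) for _ in range(20))
        self._vault[token] = (pan, exp_month, exp_year)   # CVC is verified once, never kept
        return token
    def charge(self, token: str, amount_cents: int) -> bool:
        return token in self._vault and amount_cents > 0   # later charges need only the token

def store_card(db: dict, processor, pan: str, exp_month: int, exp_year: int, cvc: str) -> StoredCard:
    pan = re.sub(r"[ -]", "", pan)
    if not luhn_valid(pan):
        raise ValueError("invalid card number")
    token = processor.tokenize(pan, exp_month, exp_year, cvc)
    brand = {"4": "visa", "5": "mastercard"}.get(pan[0], "unknown")
    card = StoredCard(token, brand, pan[-4:], exp_month, exp_year)
    assert_no_pan(asdict(card))   # fail loudly if a PAN ever sneaks into the row
    db[token] = card
    return card
```

The `db` dict stands in for the application's own table; the only card-related values it ever holds are the token, brand, last four digits and expiry.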