问题
Storing credit card info in web servers under my company's control creates severe security risk. It is an incentive to break in. It forces us to guard acces to our our database with great care. It is a legal liability.
Obviously this would only really be useful to users who are on the same browser from one session to another, so there is a UX hit.
Would it be a security improvement to put this info in HTML5 local storage?
回答1:
POSSIBLY
By storing the credit card details on an individual's machine, you reduce the chance that a successful hack of a single server (or 'system') leads to the credit details of many (hundreds/thousands of) users being compromised. An ideal solution would entail a similar (or lower) risk as storing things on the server, but distribute the attack surface and hence massively reduce the impact.
Here is the summary of a suggested approach (which I've posed fully as a SO question HERE, with no 'poo-poos' as of yet):
Retrieve an encryption key from the server over HTTPS.
Use it (in javascript) to encrypt the credit card details in local storage at the same time as they are being entered by the user.
Throw the key away when the user navigates away from the page.
If the user returns later, they can retrieve the same key from the server, as well as a new key with which to cache the details going forward (to avoid the same key being used again and again).
The server doesn't have to keep a copy of the credit card details, and a hacker would need to gain a level of access such that they could anyway see the details being entered on the page by the user.
回答2:
No.
Because then anyone could come to the computer and get the unencrypted credit card information. Local storage is not encrypted on the computer. Storing it encrypted on a secured server is a better option (even with the legal issues).
But the best option is to not store it at all. That reduces the legal and financial issues for everyone. If people are upset with the user experience, explain to them that not storing their credit card number is for their protection.
来源:https://stackoverflow.com/questions/17496384/what-are-the-security-implications-of-html5-local-storage-for-credit-card-info