I am working on a pretty simple e-commerce web site that will sell our
company gift cards online. Our company and merchant policy prohibits us from
storing credit card numbers in any way once we clear the transaction using
Pay Flow. To help protect against fraud, I would like to know when the same
card number is used to make more than one purchase in a given period of
time.
Would hashing card numbers and then storing and comparing hashes work? Does
it still adhere to our company policy?
What would work better creditCard.ToHash() or using one of the SHA managed
providers?
-Andy