Non-encrypted Confidential Information - Credit Cards
Need
Ensure that credit card information is encrypted both during transport and at rest.
Context
• Usage of Elixir (1.12.0 and above) for building scalable and fault-tolerant applications
• Usage of Plug (1.12.0 and above) for building composable web applications in Elixir
• Usage of Plug.Crypto library (version 1.2.0 and above) for cryptographic operations
Description
1. Non-compliant code

defmodule MyAppWeb.PaymentController do
  use MyAppWeb, :controller

  def process_payment(conn, %{"card_number" => card_number, "expiry_date" => expiry_date, "cvv" => cvv}) do
    # The card number, expiry date and CVV are received and used as plaintext
    payment_successful = PaymentProcessor.process(card_number, expiry_date, cvv)

    if payment_successful do
      json(conn, %{status: "success"})
    else
      json(conn, %{status: "error"})
    end
  end
end

The code is insecure because it receives and uses the credit card data directly, without any form of encryption. Anyone able to intercept the request (or read where the data is later stored) gets access to the sensitive credit card information.
2. Steps
• Install Plug.Crypto library to handle encryption and decryption of sensitive data.
• Encrypt credit card data before sending it to the server.
• Decrypt the data server-side before processing the payment.
• Always use secure connections (HTTPS) to transport sensitive data.
3. Secure code example

defmodule MyAppWeb.PaymentController do
  use MyAppWeb, :controller
  alias Plug.Crypto.{KeyGenerator, MessageEncryptor}

  def process_payment(conn, %{"card_number" => enc_card_number, "expiry_date" => enc_expiry_date, "cvv" => enc_cvv}) do
    # Derive the encryption and signing keys from the endpoint's secret key base (Plug.Conn.secret_key_base)
    secret = KeyGenerator.generate(conn.secret_key_base, "card data encryption salt", length: 32)
    sign_secret = KeyGenerator.generate(conn.secret_key_base, "card data signing salt")

    with {:ok, card_number} <- MessageEncryptor.decrypt(enc_card_number, secret, sign_secret),
         {:ok, expiry_date} <- MessageEncryptor.decrypt(enc_expiry_date, secret, sign_secret),
         {:ok, cvv} <- MessageEncryptor.decrypt(enc_cvv, secret, sign_secret),
         true <- PaymentProcessor.process(card_number, expiry_date, cvv) do
      json(conn, %{status: "success"})
    else
      _ -> json(conn, %{status: "error"})
    end
  end
end

The code is secure because the credit card fields arrive encrypted and are decrypted on the server side only, immediately before the payment is processed, which means the credit card information is encrypted during transport. Plug.Crypto.MessageEncryptor uses authenticated encryption (AES-GCM) and returns :error for a ciphertext that does not match the keys, so a tampered or wrongly encrypted value produces an error response instead of being processed.
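The controller above only shows the receiving side. The following added example (not code from the original guideline) carries the steps through as a full round trip with Plug.Crypto's KeyGenerator and MessageEncryptor: the sender encrypts each card field, the receiver decrypts it, and a ciphertext produced under a different key base is rejected. The module name CardCrypto, the salts and the generated secret key base are assumptions made here.

```elixir
# Added example (not part of the original guideline). Requires the plug_crypto
# dependency (>= 1.2.0). The module name, salts and key base are constructed here.
defmodule CardCrypto do
  alias Plug.Crypto.{KeyGenerator, MessageEncryptor}

  # Sender and receiver must derive the same keys: same secret key base, same salts.
  @enc_salt "card data encryption salt"
  @sign_salt "card data signing salt"

  defp keys(secret_key_base) do
    {KeyGenerator.generate(secret_key_base, @enc_salt, length: 32),
     KeyGenerator.generate(secret_key_base, @sign_salt)}
  end

  # Sender (or the storage layer, for data at rest): encrypt and sign one field.
  def encrypt_field(value, secret_key_base) when is_binary(value) do
    {secret, sign_secret} = keys(secret_key_base)
    MessageEncryptor.encrypt(value, secret, sign_secret)
  end

  # Receiver: authenticated decryption, {:ok, plaintext} or :error.
  def decrypt_field(encrypted, secret_key_base) when is_binary(encrypted) do
    {secret, sign_secret} = keys(secret_key_base)
    MessageEncryptor.decrypt(encrypted, secret, sign_secret)
  end
end

# Constructed values for the demonstration. In an application the secret key base
# comes from configuration (e.g. the endpoint's secret_key_base), never from source.
secret_key_base = :crypto.strong_rand_bytes(64)
other_key_base = :crypto.strong_rand_bytes(64)
card_number = "4111111111111111"

# Step 2: encrypt before the value leaves the sender; this token is what travels
# over HTTPS and what may be persisted instead of the plaintext card number.
enc_card_number = CardCrypto.encrypt_field(card_number, secret_key_base)
IO.puts("ciphertext: #{enc_card_number}")

# Step 3: decrypt server side; the pattern match asserts the round trip.
{:ok, ^card_number} = CardCrypto.decrypt_field(enc_card_number, secret_key_base)
IO.puts("round trip ok")

# A token produced under any other key base (or altered in transit) is rejected.
:error = CardCrypto.decrypt_field(enc_card_number, other_key_base)
IO.puts("wrong key rejected")
```

Run it with `mix run` inside a project that depends on plug_crypto; the match operators raise if any step does not behave as described.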