Hidden form fields problem. How can I make it more secure.

Question

The payment page on our website is passing credit card information into a conformation page as form variables. The credit card company requires us to pass all of these form variable to their site for validation.

we pass these form variable using hidden field such as this : <cfinput type="hidden" name="CCNo" value="#Form.CCNo#">

The problem is, when I did view source from my browser, I could see all of the credit card information. I'm sure this need to be changed immediately but

I can't think of a way to make this transaction more secure.

I seems that he credit card company wanted us to pass all of these information as form variables. Is there ways to make passing form variable secure, where users can't see the values from view source??

Please help

WolfShade · Answer

I don't think seeing the information from "View Source" is an issue - the only information a user would be able to view is their own.

Now, transmitting to the company - THAT needs to be secure. As long as the data is being POSTED (not GET) from a form via SSL (httpS), it should be secure.

Unless, like Dan, I'm not understanding the question as you have put it.

^_^

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded