The standard way credit card encryption works is that two keys are generated.
One key is a public key, which encrypts the credit card details.
The second key is a private key, which decrypts the credit card details.
The problem with storing credit card details is that security is only as strong as the private key. In most configurations, the private key is stored on the server with the public key – completely nullifying the purpose of having two keys.
With PHP Credit Card, the private key, the key that decrypts the credit card numbers, is stored locally on your computer. So even if a hacker gains access to your web server, the credit card numbers are still safe.
How php credit card works. Click to enlarge
PHP Credit Card uses RSA encryption. RSA encryption is an encryption method where by the key used to encrypt a piece of data (the public key) is different to key required to decrypt the data (the private key).
PHP Credit Card uses a public key to encrypt the credit card details and then stores them in a database. (An SSL certificate is required for this).
To decrypt the credit card details, the windows application, which has the private key safely on your local computer, connects to the database and grabs the card details and then decrypts them.
The credit card details are then shown in the windows application.