My app has to comunicate with an API, we can do this easily to send and get data.
Right now we send everything as plain text as a parameter of the URL.
I am by no means a security expert, but common sense tells me the credit card number should be encrypted during the transfer.
The server can worry about the storage, my only concern is the actual transmission of the data.
From my reading I undertand that I need a private key encryption algorithm, as it needs to be reversed by the server to get the actual data.
Is a good one already implemented on the CommonCrypto framework?
What would be your recommendation?
I am looking to do this using iOS and I am sure the security frameworks have tools to complete this challenge, I just dont know where to look or what to look for.
Thank you!