Encryption program preceding Airtable upload

Brian_Schuster · ‎Nov 04, 2020

For especially sensitive data such as credit card numbers, it would be great to be able to add an extra layer of encryption (e.g AES) by encrypting that data before it enters an Airtable sheet/base from the API.

I found an app called Encryptor from Integromat. Do you know of any other programs that can simply encrypt and decrypt text/numeric data through an API?

Bill_French · ‎Nov 04, 2020

Nothing says my data is secure like encryption being performed in the Czech Republic in an add-in written by, well – who knows. :winking_face:

To be clear, I don’t think Airtable is the biggest risk factor when handling CC data for your customers. While the Czech Republic is supposed to adhere to the EU’s GDPR, oversight of the development of security technologies is not so certain or well-controlled.

Integromat is a phenomenal company and they take security issues very seriously. However, adequate security protection is often about the number of attack surfaces in a solution; the more interchanges that occur, the greater the risk of breach. Furthermore, the type of data vastly increases the risks with CC data at the very pinnacle of the threat envelope.

Setting aside the process of becoming a PCI-compliant app, consider these rules. Are you sure you want to use Airtable to do this?

Brian_Schuster · ‎Nov 04, 2020

No, I’m still in the exploratory phase looking for recommendations.

It’s standard these days in e-commerce for customers to be able to save their credit card to their account.

Bill_French · ‎Nov 04, 2020

Indeed it is. But why not outsource that to a PaaS that knows how to do it securely and with full regulatory compliance?

Brian_Schuster · ‎Nov 05, 2020

Do you have any specific recommendations?

Bill_French · ‎Nov 05, 2020

Stripe?