Idea: Encrypt incoming data by default #12
Description
Feel free to close this, I just thought this could be a fun project for anyone interested in playing around with Tokenizer.
Goal: Ensure your server cannot hold any sensitive data by automatically encrypting incoming fields in requests (eg credit card data).
How:
- Inbound: Encrypt with Tokenizer public key using Cloudflare Rules and/or Workers (or any other provider that you can place in front of all your traffic)
- Your backend just gets the tokenized value substituted inside the request body
- Outbound: Send data though Tokenizer, values encrypted by default will be replaced in the request to your destination (eg Stripe)
Most of the work here seems unrelated to this project: configuring encryption and substitutions in the provider of your choice. I think this project is interesting bc it makes Tokenizer a replacement for a service like VGS https://www.verygoodsecurity.com/platform.
Any ideas on how to improve this or what to watch out for is someone wants to implement this?