Mastercard Incorporated
Methods and systems for encrypting data for a web application

Abstract:

Embodiments provide methods, and systems for encrypting data for web aplication. A method includes receiving, by a server system, a cryptographic certificate including asymmetric key pair. The method includes generating a random value key that forms at least a part of a Content Encryption Key (CEK) to be generated by a web application. The method includes sending the random value key to a client device running the web application over a secure network communication channel for generating the CEK. The CEK is to be utilized for encrypting a content entered by a user of the web application on the client device and the CEK is encrypted using a public key of the asymmetric key pair for transmission over the secure network communication channel. Furthermore, the method includes translating, the CEK encrypted under public key to CEK encrypted under LMK using a private key being part of the asymmetric key pair.