A secure iOS application demonstrating credit card encryption using Apple's CryptoKit framework. This project showcases best practices for handling sensitive payment card data with field-level encryption.
CryptoKitCreditCard is a SwiftUI-based iOS application that provides a secure payment form with individual field encryption for credit card details. Each card field (PAN, CVC, expiration month/year) is encrypted separately before transmission to a server, ensuring sensitive data is protected in transit.
- 🔐 Field-Level Encryption: Each card field is encrypted individually using AES-256-GCM
- 📱 SwiftUI Interface: Modern, user-friendly payment form with real-time status updates
- 🛡️ CryptoKit Integration: Leverages Apple's native CryptoKit framework for secure cryptography
- ⚡ Real-time Feedback: Live status updates during encryption and submission
- ✅ Error Handling: Comprehensive error handling for encryption operations
- 🧪 Unit & UI Tests: Includes test suites for quality assurance
CryptoKitCreditCard/
├── CryptoKitCreditCard/
│ ├── CryptoKitCreditCardApp.swift # Main app entry point
│ ├── PaymentFormView.swift # UI for payment form
│ ├── Models/
│ │ └── CardData.swift # CardDetails data model
│ ├── Helpers/
│ │ └── CryptoEncryptDecrypt.swift # Encryption logic
│ └── Assets.xcassets/ # App assets
├── CryptoKitCreditCardTests/ # Unit tests
└── CryptoKitCreditCardUITests/ # UI tests
CardDetails (Models/CardData.swift) represents credit card information with fields for:
- PAN: Primary Account Number
- CVC: Card Verification Code
- expMonth: Expiration month (MM)
- expYear: Expiration year (YYYY)
- ts: Timestamp (milliseconds since epoch)
CryptoEncryptDecrypt.swift handles all encryption operations:
- Generates a 256-bit symmetric key for AES-GCM encryption
- encrypt(_ text: String) - Encrypts a single field
- encryptCardFieldsIndividually(_ card: CardDetails) - Encrypts all card fields and returns a dictionary of base64-encoded encrypted values
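An added example (not the project's own `CryptoEncryptDecrypt.swift`) of per-field AES-256-GCM with CryptoKit. It goes one step beyond the description above by passing the field name as additional authenticated data, so a ciphertext moved from one field to another fails to open; `FieldCipher`, the lowercase dictionary keys and the sample values are assumptions.

```swift
import CryptoKit
import Foundation

enum FieldCipherError: Error { case badEncoding }

// Hypothetical helper for illustration; not the project's CryptoEncryptDecrypt.swift.
struct FieldCipher {
    let key: SymmetricKey

    // Seal one field. The field name is passed as additional authenticated
    // data (AAD), so the result only verifies under that same name.
    func seal(_ value: String, field: String) throws -> String {
        let box = try AES.GCM.seal(Data(value.utf8), using: key,
                                   authenticating: Data(field.utf8))
        // combined = nonce || ciphertext || tag; the API returns it as an optional.
        guard let combined = box.combined else { throw FieldCipherError.badEncoding }
        return combined.base64EncodedString()
    }

    // Receiver side: decode, verify the tag against the field name, decrypt.
    func open(_ encoded: String, field: String) throws -> String {
        guard let raw = Data(base64Encoded: encoded) else { throw FieldCipherError.badEncoding }
        let box = try AES.GCM.SealedBox(combined: raw)
        let plain = try AES.GCM.open(box, using: key,
                                     authenticating: Data(field.utf8))
        return String(decoding: plain, as: UTF8.self)
    }
}

// Constructed sample values (a common test card number, not real card data).
let cipher = FieldCipher(key: SymmetricKey(size: .bits256))
let card = ["pan": "4111111111111111", "cvc": "123",
            "expMonth": "12", "expYear": "2030"]
let sealed = try card.reduce(into: [String: String]()) { out, entry in
    out[entry.key] = try cipher.seal(entry.value, field: entry.key)
}

// Opening a field under its own name round-trips the plaintext.
let pan = try cipher.open(sealed["pan"]!, field: "pan")
print("pan round trip ok:", pan == card["pan"])

// A ciphertext moved into a different field fails tag verification.
do {
    _ = try cipher.open(sealed["expMonth"]!, field: "cvc")
    print("swapped field accepted")
} catch {
    print("swapped field rejected:", error)
}
```

The receiving side needs the same key and the same field names to open each value.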
PaymentFormView.swift is the main UI component, featuring:
- Input fields for card number, CVC, expiration date
- Real-time encryption status display
- Error messages and validation feedback
- Processing state management
- Submit button with loading state
- AES-256-GCM Encryption: Industry-standard authenticated encryption
- Individual Field Encryption: Each card field is encrypted separately
- Base64 Encoding: Encrypted data is safely encoded for transmission
- Error Handling: Graceful error reporting for failed operations
- iOS 18.5+
- Swift 5.0+
- Xcode 16.0+
- Clone the repository:
git clone https://github.com/JerwinPRO/CryptoKitCreditCard.git
- Open the project in Xcode:
cd CryptoKitCreditCard
open CryptoKitCreditCard.xcodeproj
- Build and run on your iOS device or simulator:
Cmd + R (in Xcode)
- Launch the app on your iOS device or simulator
- Fill in the payment form with card details:
- Card Number
- CVC (3-4 digit code)
- Expiration Month (MM)
- Expiration Year (YYYY)
- Tap "Encrypt and Submit"
- The app encrypts each field individually and simulates server transmission
- View real-time status updates and confirmation messages
The project includes comprehensive test suites:
- Basic encryption functionality tests
- Framework: Swift Testing
- App launch and performance tests
- Form interaction scenarios
- Framework: XCTest
Run tests using Xcode:
Cmd + U
- Key Management: Store encryption keys securely (use Keychain, not hardcoded)
- Secure Transmission: Use TLS/HTTPS for all server communications
- PCI DSS Compliance: Ensure compliance with Payment Card Industry Data Security Standard
- Token-Based Approach: Consider using payment tokenization services instead of direct encryption
- Secure Enclave: Consider utilizing the device's Secure Enclave for key storage
For questions or issues, please open an issue in the GitHub repository.
Disclaimer: This project is for educational purposes only. Do not use this implementation for production payment processing without proper security audits and compliance verification.