diff --git a/siro_driver/lib/controller/home/payment/credit_card_Controller.dart b/siro_driver/lib/controller/home/payment/credit_card_Controller.dart index 936fca3..8ccf689 100755 --- a/siro_driver/lib/controller/home/payment/credit_card_Controller.dart +++ b/siro_driver/lib/controller/home/payment/credit_card_Controller.dart @@ -17,21 +17,6 @@ class CreditCardController extends GetxController { String? cardHolderName = await SecureStorage().readData(BoxName.cardHolderName); String? expiryDate = await SecureStorage().readData(BoxName.expiryDate); - String? cvvCode = await SecureStorage().readData(BoxName.cvvCode); - - if (cvvCode != null && cvvCode.isNotEmpty) { - final maskedCardNumber = DigitObscuringFormatter() - .formatEditUpdate( - TextEditingValue.empty, - TextEditingValue(text: cardNumber ?? ''), - ) - .text; - - cardNumberController.text = maskedCardNumber; - cardHolderNameController.text = cardHolderName ?? ''; - expiryDateController.text = expiryDate ?? ''; - cvvCodeController.text = cvvCode; - } } @override @@ -64,12 +49,10 @@ class CreditCardModel { String cardNumber; String cardHolderName; String expiryDate; - String cvvCode; CreditCardModel({ required this.cardNumber, required this.cardHolderName, required this.expiryDate, - required this.cvvCode, }); } diff --git a/siro_driver/lib/main.dart b/siro_driver/lib/main.dart index f2f4979..c668013 100755 --- a/siro_driver/lib/main.dart +++ b/siro_driver/lib/main.dart @@ -252,6 +252,9 @@ void main() { await initFirebaseIfNeeded(); await WakelockPlus.enable(); await GetStorage.init(); + // Purge any previously stored CVV (PCI-DSS compliance) + await storage.delete(key: BoxName.cvvCode); + await storage.delete(key: BoxName.cvvCodeDriver); await initializeDateFormatting(); await SystemChrome.setPreferredOrientations( [DeviceOrientation.portraitUp, DeviceOrientation.portraitDown]); diff --git a/siro_rider/lib/controller/functions/log_out.dart b/siro_rider/lib/controller/functions/log_out.dart index 4d54c3b..47f2706 100644 --- a/siro_rider/lib/controller/functions/log_out.dart +++ b/siro_rider/lib/controller/functions/log_out.dart @@ -20,6 +20,7 @@ import 'package:siro_rider/controller/home/map/ride_lifecycle_controller.dart'; import 'package:siro_rider/controller/home/map/ui_interactions_controller.dart'; import 'package:siro_rider/controller/home/menu_controller.dart'; import 'package:siro_rider/controller/home/points_for_rider_controller.dart'; +import 'package:siro_rider/controller/functions/secure_storage.dart'; class LogOutController extends GetxController { TextEditingController checkTxtController = TextEditingController(); @@ -116,6 +117,11 @@ class LogOutController extends GetxController { box.remove(BoxName.apiKeyRun); box.remove(BoxName.countryCode); + SecureStorage().deleteData(BoxName.cardNumber); + SecureStorage().deleteData(BoxName.cvvCode); + SecureStorage().deleteData(BoxName.cardHolderName); + SecureStorage().deleteData(BoxName.expiryDate); + box.remove(BoxName.passengerWalletTotal); box.remove(BoxName.isVerified); Get.delete(force: true); diff --git a/siro_rider/lib/controller/functions/secure_storage.dart b/siro_rider/lib/controller/functions/secure_storage.dart index 095016a..cb81fd1 100644 --- a/siro_rider/lib/controller/functions/secure_storage.dart +++ b/siro_rider/lib/controller/functions/secure_storage.dart @@ -19,6 +19,10 @@ class SecureStorage { final String? value = await storage.read(key: boxName); return value.toString(); } + + Future deleteData(String key) async { + await storage.delete(key: key); + } } class AppInitializer { diff --git a/siro_rider/lib/controller/home/payment/credit_card_Controller.dart b/siro_rider/lib/controller/home/payment/credit_card_Controller.dart index eac7d3e..8ccf689 100644 --- a/siro_rider/lib/controller/home/payment/credit_card_Controller.dart +++ b/siro_rider/lib/controller/home/payment/credit_card_Controller.dart @@ -17,21 +17,6 @@ class CreditCardController extends GetxController { String? cardHolderName = await SecureStorage().readData(BoxName.cardHolderName); String? expiryDate = await SecureStorage().readData(BoxName.expiryDate); - String? cvvCode = await SecureStorage().readData(BoxName.cvvCode); - - // if (cvvCode != null && cvvCode.isNotEmpty) { - // final maskedCardNumber = DigitObscuringFormatter() - // .formatEditUpdate( - // TextEditingValue.empty, - // TextEditingValue(text: cardNumber ?? ''), - // ) - // .text; - - // cardNumberController.text = maskedCardNumber; - // cardHolderNameController.text = cardHolderName ?? ''; - // expiryDateController.text = expiryDate ?? ''; - // cvvCodeController.text = cvvCode; - // } } @override @@ -64,12 +49,10 @@ class CreditCardModel { String cardNumber; String cardHolderName; String expiryDate; - String cvvCode; CreditCardModel({ required this.cardNumber, required this.cardHolderName, required this.expiryDate, - required this.cvvCode, }); } diff --git a/siro_rider/lib/main.dart b/siro_rider/lib/main.dart index 5a0f63e..6c00f5e 100644 --- a/siro_rider/lib/main.dart +++ b/siro_rider/lib/main.dart @@ -15,6 +15,7 @@ import 'package:get_storage/get_storage.dart'; import 'package:flutter/services.dart'; import 'package:wakelock_plus/wakelock_plus.dart'; import 'constant/info.dart'; +import 'constant/box_name.dart'; import 'controller/home/ios_live_activity_service.dart'; import 'controller/local/local_controller.dart'; import 'controller/local/translations.dart'; @@ -43,6 +44,8 @@ void main() { // These must complete before the UI can be built. WidgetsFlutterBinding.ensureInitialized(); await GetStorage.init(); + // Purge any previously stored CVV (PCI-DSS compliance) + await storage.delete(key: BoxName.cvvCode); WakelockPlus.enable(); if (Platform.isAndroid || Platform.isIOS) { await Firebase.initializeApp( diff --git a/siro_rider/lib/views/home/map_widget.dart/payment_method.page.dart b/siro_rider/lib/views/home/map_widget.dart/payment_method.page.dart index 5cc7f48..f853a6b 100644 --- a/siro_rider/lib/views/home/map_widget.dart/payment_method.page.dart +++ b/siro_rider/lib/views/home/map_widget.dart/payment_method.page.dart @@ -94,9 +94,6 @@ class PaymentMethodPage extends StatelessWidget { BoxName.cardHolderName, controller .cardHolderNameController.text); - SecureStorage().saveData( - BoxName.cvvCode, - controller.cvvCodeController.text); SecureStorage().saveData( BoxName.expiryDate, controller @@ -364,8 +361,6 @@ class MyCreditCardWidget extends StatelessWidget { controller.cardNumberController.text); SecureStorage().saveData(BoxName.cardHolderName, controller.cardHolderNameController.text); - SecureStorage().saveData(BoxName.cvvCode, - controller.cvvCodeController.text); SecureStorage().saveData(BoxName.expiryDate, controller.expiryDateController.text); }