Data encryption
In an e-commerce site, you process sensitive information, such as customer credit card numbers and user profile information. Commerce Server recommends using these methods to encrypt data to protect this information:
Use of Secure Sockets Layer (SSL) to encrypt non-profile data. SSL allows protocols such as HTTP to transmit data securely.
Use of profile encryption keys to encrypt profile data. For more information, go to How to configure encryption keys for Profiles System data.
Use of Transparent Data Encryption from SQL Server to encrypt the content of the log and data files of the databases. If this feature is enabled, anyone who gets a copy of your databases will be unable to read them. For more information on Transparent Data Encryption, go to: https://msdn.microsoft.com/en-ca/library/bb934049.aspx.
Encrypt the database connection between the website and databases by enabling Encrypted Connections in SQL Server. For more information on Encrypted Connections, go to: https://msdn.microsoft.com/en-ca/library/ms191192(v=sql.120).aspx