I use bCrypt to encrypt the user's password. The
compare() method bCrypt includes allows a plain text password to be passed and checked against the stored hash in the database.
The issue I am facing is that I need to store a users bank account and routing number, and plain text is outta the question. I figured I could use bCrypt to encrypt the account and routing number, however I would need to compare plain text to the stored hash in order to return the information in it's original state.
This bank account information is viewed by a user with
admin privileges and not always by the user who owns the bank information. So I would need to fetch the bank account and routing info to display in the admin panel of this application.
How should I approach this? The credit card storage and processing on this application is handled through Stripe, so that portion is taken care of. I was thinking I could use Stripe to store ACH, but I do not need Stripe to process any ACH payments. The bank account and routing numbers are only viewed by the 'admin` for a reference, and are only used in tax preparation.