In an online store app, how do you give the anonymous web user (passed through a connection string) enough privilege to encrypt/decrypt card data without compromising security (in case the web site gets hacked)?