Ember variables security quesiton


I’m not too knowledgeable about security issues so forgive me if this is a bit novitiate.

A coworker had an interesting observation about our Ember app in regards to potential PCI compliance issues. When a user types in something like their password or credit card number, that value is saved somewhere as a variable and then utilized one way or another.

Is it a viable concern that some malware could snag that data and steal it? Also, what would be a good way to encrypt variable data before it is ever stored as a variable, thereby preventing any chance of unencrypted theft?

I know there should be many layers of security before anyone ever gets to see this type of data. Its really more of a curiosity at this point than a real concern.